We often interview seasoned veterans of security to hear their insights about cybersecurity. However, even new members of Fortra’s Tripwire team have a lot to offer about the state of security. We recently had the opportunity to speak with Faisal Parkar, who works in the Tripwire Sales Engineer department. While he may be newer to Tripwire and Fortra, he has wisdom of ages about cybersecurity.
What do you think are the biggest cybersecurity challenges facing organizations at the moment?
FP: That’s a very good question. Gone are the days when you had individuals who are very knowledgeable who would look to compromise an organization or a system for whatever intent. It was more the fact that they just wanted to see if they could push the boundaries. That threat has now evolved, because not only have you got state actors conducting the same threats, but you also have kids in bedrooms who are sitting there and just trying to see what they can and can't get away with. If you look at some of the biggest attacks, such as the TalkTalk compromise, it was carried out by a young adult who leaked the customer database out onto the internet.
The threats are different as well. The challenge for organizations is, who's attacking them, because that's become very blurred. The intent has now changed as well. It's more financially based. Previously, it was typically for fun, or possibly, corporate espionage. The challenge is, how do organizations prepare themselves for those threats?
If you could offer one bit of advice to a security team that you might be speaking to, what would that be? Where would you tell them to focus?
FP: My advice would be to build your wall before the threat comes. You have to ensure that you are able to not only prevent threats, but you also need to determine what's there to assist you to regain control, should a compromise occur. As a simplified example, having a firewall will obviously make it a lot more difficult for attackers to be able to get into your network. But it will only hold them off for so long. So, what else can you do?
If attackers get in, you need to know what they are up to. You want to have systems, processes, and the right support in place to be able to provide you the information to stop the threat. It goes beyond that. In advance of a compromise, you can encrypt data to make it useless to an attacker, and you can provide multiple layers of backups. Think of it as fortifying the castle. You have to take every precaution that you can.
How do you stay up to date with all the relevant security news? Do you have a favorite place you go to read content, a favorite podcast, or social media channel that you use as your source to know what's going on in the industry?
FP: I use the News app on my mobile device for general news, and for security-specific news, I follow websites such as Bleeping Computer, CNET, and a few of the others. I also enjoy the DarkNet Diaries podcast.
A lot of organizations aim to be compliant, but that doesn't necessarily mean that they're secure. What advice would you give to those organizations that are looking at just doing enough just to pass their compliance audits, but not necessarily focusing on security as well?
FP: Being compliant certainly doesn't mean that you're secure. What it means is that it's providing you a set of guidelines based around a framework to be able to take every precaution you can within your environment to ensure that you make it as hard as you can for any threats to succeed against your environment.
As a simplified example, the idea behind it is to take what's provided to you, but to mold it for your organization. The new PCI DSS Standard says that, by March 31, 2025, you need to have a minimum of 12 characters for a password, however, there's nothing to stop you from extending that minimum number of characters. The idea behind compliance is to use it as a guide and understand it. But, what's very, very useful is to have something like the compliance piece within Tripwire Enterprise to give you the ability to have better oversight within your organization.
Learn more about Tripwire Enterprise and how FIM & SCM can improve the security of your organization.
Tripwire Enterprise: Security Configuration Management (SCM) Software
Enhance your organization's cybersecurity with Tripwire Enterprise! Explore our advanced security and compliance management solution now to protect your valuable assets and data.