Cyber security was never far from the news in 2019, with high profile threats and breaches regularly hitting the headlines. As we enter 2020, the scale of the challenge facing business in all sectors continues to grow. Amid increasing pressure from industry regulators, it has never been more important for businesses to ensure they are taking proactive steps to improve their security posture and protect their data from cybercriminals.

Zero Trust is a new concept to many but one I believe will be of increasing importance over the coming years. With this post, I wanted to introduce newcomers to the concept, talk about why it’s an exciting approach to improving security, and explore how you can leverage File Integrity Monitoring (FIM) and Security Configuration Management (SCM) tools like Tripwire Enterprise (TE) to assist you on your Zero Trust (ZT) journey.

Network and information systems (NIS) and the essential functions they support play a vital role in society from ensuring the supply of electricity, water, oil and gas to the provisioning of healthcare and the safety of passenger and freight transport. In addition, computerized systems are performing vital safety-related functions designed to protect human lives.

Phishing is a broadly understood risk when it comes to internet security – it’s the process by which data thieves will attempt to infect your system with a virus by sending an authentic-looking communication that tricks the recipient into a clicking a malicious link. As phishing becomes a more established method of data theft and virus infection, however, data thieves are specialising – which leads to new terms.

Having a comprehensive business continuity plan (BCP) in place will help ensure that your business doesn’t suffer any downtime in the event of a disaster, which may include natural disasters, such as floods, fire, weather-related events, and cyberattacks. If you’re not prepared, these disasters can have catastrophic consequences on your business, including loss of productivity, loss of revenue, as well as damage to your reputation and your relationships with your customers.

With 2020 around the corner, we’re entering a new decade in the cybersecurity landscape. What does the future hold for security professionals? We’d like to ring in the new year with good news, but the truth is that hackers will become smarter and breaches will grow in scale and number, creating an even greater pressure for security teams to keep up. Read our five predictions for 2020 to understand what to look out for and how to prepare for the new decade.

It’s been another fantastic year on The State of Security blog. With over 350 blogs published from all walks of the security community, we like to think of the blog as more of an industry resource that caters to not only experienced security professionals but also to those who are new to the community. To finish the year off, I wanted to look back on some of my personal favorites. I’ve tried to include a mixture of different styles, topics and authors.

Proper functioning of IT service operations is necessary for business continuity. No sooner your service operations break down such as slowing down of the Email server than your entire business operations can be put on the verge of destruction.

When mainstream cloud computing first began to appear on the horizon, (Amazon launched its Elastic Compute Cloud product in 2006.) many organizations were initially hesitant to entrust their most valuable data and processes to a technological innovation named after something that appears so delicate. Oh, how times have changed.

Honeypots are not a new idea. They have been part of the cybersecurity world for decades and have frequently gone in and out of “fashion” over that period. Recently, though, they have become an increasingly important part of vulnerability management. That’s for a couple of reasons. Honeypots offer real-world data on the types of threats that companies face, and they can be a powerful research tool in identifying specific threat vectors.