Welcome!

News Feed Item

Tripwire and The Anfield Group Announce Technology Partnership

Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, and The Anfield Group, a global security and reliability consulting firm, today announced a technology partnership. The partnership is part of the Tripwire NERC Alliance Network (NAN) program that has been designed to foster collaboration on critical infrastructure compliance and security solutions that help companies efficiently achieve NERC CIP compliance.

According to the Department of Homeland Security, recent cyberattacks employing sophisticated Russian malware have targeted U.S. energy grid operators as well as major electricity providers in Spain, Italy, France, Germany and Poland. As a result of the increasing number of cyberthreats focused on this sector, a recent report on critical infrastructure cybersecurity indicated that 67 percent of critical infrastructure organizations “have had at least one security compromise that led to the loss of confidential information or disruption to operations” in the past year.

“With more than 30 years of combined experience in NERC CIP standards, we stand out as the most experienced consultancy in the industry,” said Chris Humphreys, chief executive officer and president of The Anfield Group. “Our experts have not only played key roles in writing NERC standards, but have also implemented them at utilities. In addition, as NERC-certified lead auditors, we have participated in more than 130 NERC audits of North American utility companies. We are excited to bring our unmatched, hands-on, real-world experience to the NERC Alliance Network.”

The Anfield Group is a trusted, global security and reliability consulting firm focused on critical infrastructure. The Anfield Group works with public and private organizations to architect, implement and maintain the processes, controls, and technologies necessary to improve and sustain a sound cybersecurity posture. The company also provides trusted advice and guidance on how critical infrastructure organizations can demonstrate, automate and stay in compliance with regulatory requirements.

Tripwire® Enterprise combines the power of security configuration management, change auditing, vulnerability management and threat detection with file integrity monitoring (FIM) to deliver continuous compliance and automated audit evidence collection. Together these capabilities enable critical infrastructure providers to significantly reduce the time and resources required to achieve and maintain regulatory compliance and measurably improve cybersecurity.

“The Anfield Group understands the complex security and compliance challenges facing critical infrastructure providers,” said Jeff Simon, director of service solutions for Tripwire. “That’s why we’re excited about our partnership. They have deep experience in delivering custom-designed compliance and security solutions that work in the real world. Anfield’s deep industry expertise is a perfect complement to the technology-focused solution providers in the NAN program.”

All NERC Alliance Network members will be participating in EnergySec’s upcoming 10th Anniversary Security Summit. The event will be held August 18-22, 2014, at the Barton Creek Resort and Spa in Austin, Texas.

About The Anfield Group

When it comes to protecting the Nation’s critical electric grid and energy resources, there is no substitute for experience. And with more than 30 years of combined experience in NERC CIP standards, The Anfield Group is the most experienced consultancy in the industry. The firm’s real-world experience in creating standards, implementing them at utilities and evaluating compliance provide them with a unique and comprehensive understanding of how to best secure the industry from successful cyber attacks. Best of all, this experience allows The Anfield Group to provide its clients with reliability and security solutions that make sense. For more information, go to www.theanfieldgroup.com or email [email protected].

About Tripwire

Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence. Learn more at www.tripwire.com, get security news, trends and insights at http://www.tripwire.com/state-of-security/ or follow us on Twitter @TripwireInc.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
"Splunk basically takes machine data and we make it usable, valuable and accessible for everyone. The way that plays in DevOps is - we need to make data-driven decisions to delivering applications," explained Andi Mann, Chief Technology Advocate at Splunk and @DevOpsSummit Conference Chair, in this SYS-CON.tv interview at @DevOpsSummit at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Security, data privacy, reliability, and regulatory compliance are critical factors when evaluating whether to move business applications from in-house, client-hosted environments to a cloud platform. Quality assurance plays a vital role in ensuring that the appropriate level of risk assessment, verification, and validation takes place to ensure business continuity during the migration to a new cloud platform.
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...
In his session at @DevOpsSummit at 19th Cloud Expo, Robert Doyle, lead architect at eCube Systems, will examine the issues and need for an agile infrastructure and show the advantages of capturing developer knowledge in an exportable file for migration into production. He will introduce the use of NXTmonitor, a next-generation DevOps tool that captures application environments, dependencies and start/stop procedures in a portable configuration file with an easy-to-use GUI. In addition to captur...
Who are you? How do you introduce yourself? Do you use a name, or do you greet a friend by the last four digits of his social security number? Assuming you don’t, why are we content to associate our identity with 10 random digits assigned by our phone company? Identity is an issue that affects everyone, but as individuals we don’t spend a lot of time thinking about it. In his session at @ThingsExpo, Ben Klang, Founder & President of Mojo Lingo, discussed the impact of technology on identity. Sho...
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
"We provide DevOps solutions. We also partner with some key players in the DevOps space and we use the technology that we partner with to engineer custom solutions for different organizations," stated Himanshu Chhetri, CTO of Addteq, in this SYS-CON.tv interview at DevOps at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
DevOps tends to focus on the relationship between Dev and Ops, putting an emphasis on the ops and application infrastructure. But that’s changing with microservices architectures. In her session at DevOps Summit, Lori MacVittie, Evangelist for F5 Networks, will focus on how microservices are changing the underlying architectures needed to scale, secure and deliver applications based on highly distributed (micro) services and why that means an expansion into “the network” for DevOps.
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, discussed the importance of WebRTC and how it enables companies to focus o...
Providing secure, mobile access to sensitive data sets is a critical element in realizing the full potential of cloud computing. However, large data caches remain inaccessible to edge devices for reasons of security, size, format or limited viewing capabilities. Medical imaging, computer aided design and seismic interpretation are just a few examples of industries facing this challenge. Rather than fighting for incremental gains by pulling these datasets to edge devices, we need to embrace the i...
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...