ITEGRITI published a guest blog Tripwire's "State of Security" newsletter. Read the article here.
About ITEGRITIThis author has not yet filled in any details.
So far ITEGRITI has created 22 blog entries.
ITEGRITI assisted a large utility client prepare for a CIPv5 Multi-Region (MRRE) audit by reviewing compliance evidence and preparing the SMEs for audit through training and guidance on complex issues. For any identified issues, we provided recommendations and worked with the client to implement remediation actions where necessary. The client was fully prepared to address [...]
ITEGRITI built a custom database tool for a client that combined all the various NERC inputs and tools (i.e. Evidence Request Spreadsheet, RSAWs, Standards, etc.) and supplemented them with information developed and retained by the client over time. The tool helped automate the collection and review of NERC compliance evidence as well as facilitated the [...]
ITEGRITI assisted a logistics company deal with the impact of a ransomware event and a unknown persistent threat actor. ITEGRITI worked with the company to employ effective deterrence and recovery strategies and discussed threat-hunting and forensic options with the client.
ITEGRITI helped bring an entire CIP audit package together for a large utility client to ensure that compliance narratives, evidence references, and supporting evidence all aligned, was appropriately cross-referenced, and addressed the requests from the auditor. ITEGRITI helped coordinate this response across multiple business areas and ensured a quality audit package despite tight timelines and [...]
ITEGRITI assisted a client concerned with HIPAA and PCI risks by reviewing baseline cybersecurity controls to assess the health of their cybersecurity program. The review included the set cybersecurity controls that can help mitigate 80% of cybersecurity vulnerabilities. Our report provided an overall maturity assessment with risk based recommendations on how to improve the program.
ITEGRITI developed a program and set of controls for a client to address risks around the issues related to "Removable Media" (USB drives, Recordable CDs, SD Cards, etc.) and "Transient Devices" (vendor laptops used for analysis, etc.), areas of challenge for many companies, to ensure both compliance and effectiveness.
ITEGRITI will be speaking on "Compliance vs. Cybersecurity" as part of a panel discussion at the Gulf Coast Power Association (GCPA) Fall Conference 2017, Oct. 3 - 4 In Austin, TX. Event Link
ITEGRITI improved the evidence of a cybersecurity department through training and real time, "live", advisory services via conference calls. As a result, cybersecurity process evidence that initially had a rejection rate for insufficient evidence by an independent review party of nearly 60% was reduced to 10% and the revised processes and evidence received positive feedback [...]
ITEGRITI performed a cybersecurity risk evaluation for a company seeking to provide assurance to its cybersecurity insurance provider. The assessment included reviewing network infrastructure and cybersecurity process controls and evaluating those processes against a baseline of processes that provide assurance that the majority of cybersecurity risks are addressed. As a result of the assessment, both [...]