Making Data Integrity Easy: Simplifying NIST CSF with Tripwire


When you think of the cybersecurity “CIA” triad of Confidentiality, Integrity, and Availability, which one of those is most important to your organization? While the answer may vary by season for your organization, there is no argument that they are all equally vital sides of that CIA triangle, and each deserves the correct level of care and attention.

For the purposes of this blog, we will be focusing on the importance of the second pillar, Integrity, and how Tripwire‘s white paper “Closing the Integrity Gap with NIST’s Cybersecurity Framework” takes a fresh look at the importance of maintaining it – along with how Fortra’s Tripwire solutions are especially suited to help you comply with NIST standards.

Why Integrity Often Gets Overlooked – And Shouldn’t

From a privacy standpoint, confidentiality reigns supreme. Confidentiality is so important that it has been codified into many of the cyber regulations of recent years, most notably the California Consumer Privacy Act (CCPA). If you approach the CIA triad from a strict business mindset, then availability is probably a prime concern. After all, if the data is unavailable, your business is also unavailable.

It seems that integrity is often given a casual thought and dismissed with little more than a shrug – we hear terms like “file integrity” and “database integrity” and file it away in the “jargon” side of our brain. Is it because it is just not as visceral as the thought of a privacy violation or as important as five-nines (99.999%) availability? Or is it just because familiarity breeds contempt? Either way, we, as security practitioners, need a wake-up call when it comes to how vital this second pillar really is. And sometimes, unfortunately, we get it.

In recent years, ransomware prevention has been the main focus of business. The horribly disruptive criminal act of encrypting a company’s data and then holding it hostage has come to be seen as a breach event. With some of the newer ransomware strains that first steal the data and threaten the publication if the ransom is not paid, ransomware has also become a privacy breach. However, the Tripwire document points out that a ransomware attack is a data integrity attack.

“Integrity is really at the heart of information security protections for any system,” says Ron Ross, Fellow for NIST. “Because if someone is able to indiscriminately change an application or a piece of data or the BIOS instructions or anything within the computing stack—whether the customer is aware or not aware of those changes—then that really attacks the basic underpinnings of an information system, along with everyone’s trust in it.”

The CIA Triad: Leave No Gaps

Ross’s statement brings to light the actual problem of an integrity compromise: trust. When we think of any time that we have lost faith in anything, we are reminded how long, if ever, it takes for us to trust again.

Whether you want to argue that this is “mincing words” or assert that confidentiality and availability are still the most important aspects of data security doesn’t matter. One thing is for certain: If we ignore any aspect of the CIA triad, we are not thinking like the enemy, thus leaving a gap in our defenses.

Ultimately, it’s an equilateral triangle, with no open ends and no side more important than the other. Each side flows with the next equally.

How NIST CSF Closes the Integrity Gap

The Tripwire white paper explores how the NIST Cybersecurity Framework (CSF) can be applied to close the integrity gap. Of course, the NIST CSF is best used in tandem with other NIST documents, such as Special Publication 800-53, which offers guidance on security controls for protecting information systems.

Insofar as Integrity, in the context of the CIA triad, is defined as “guarding against improper information modification or destruction and ensuring information non-repudiation and authenticity,” or in other words, ensuring that data remains in the same format in which it was originally stored, the NIST CSF preserves that state in a number of ways – and Tripwire is positioned “better than most” to help.

Here’s what NIST does.

While complex at first glance, the NIST CSF framework is basic at its core and comes down to several key functionalities, including Identify, Protect, Detect, Respond, Recover, and now Govern. When implemented fully, those functions enable organizations to keep their data and systems intact – or, in other words, preserve their integrity.

How Tripwire Helps You Comply with NIST CSF

And here is what Tripwire does.

Whether it be vulnerability assessment, asset identification, or change identification and impact, Tripwire solutions are already positioned to help organizations respond to the range of NIST requirements. Find out how Tripwire makes responding to NIST requirements an easier proposition and how it is uniquely prepared to do so.

It helps to consider what goes into preserving data integrity in the first place: safeguards that continually assess vulnerabilities (both hardware and software), real-time monitoring (both passive and active), and reporting on, investigating, and mitigating threats. To this end, Tripwire’s expanded support of NIST CSF (SP800-53) includes:

  • Automated security controls management
  • Continuous monitoring
  • Easy annual reporting

And more. Tripwire’s integrated suite of foundational controls delivers integrity assurance that is closely aligned with NIST guidance. Download a copy of the white paper to learn more.

Note: While the foundational principles of this whitepaper hold, especially in regard to Integrity, NIST 2.0 now includes a sixth key function, Govern. You can learn what’s new in NIST 2.0 here.



Source link