“Firewalls can’t solve today’s most urgent security priorities. After all, more than 80 percent of network traffic is inside the perimeter.” Guardicore Centra / Forrester
Automated misconfiguration detection and remediation for firewalls, switches and routers in retail environments
The retail industry is moving at pace with new and emerging technologies that are revolutionizing the retail experience. Retailers are embracing social media, online shopping and digital payment technologies whilst also focusing on improving user experience.
This undoubtedly presents huge opportunities to retail organizations, however, it also increases vulnerability to cybersecurity attacks. Over 11 billion consumer records have been compromised in the last decade, with payment card information often the target of malicious attacks. This has resulted in a rise in enforcement notices, financial penalties and even prosecutions of retailers that have failed to protect consumer data.
However, the risk of reputational and financial damage associated with a payment card data breach is significantly reduced by compliance with the Payment Card Industry Data Security Standards (PCI DSS). Established in 2006 by a council made up of major card brands, the PCI DSS is a set of industry standards designed to ensure all organizations that handle credit card information do so securely.
Nipper has been supporting compliance with PCI DSS by helping advanced cyber teams make credible, risk-based decisions to improve network security and protect critical networks against increasingly sophisticated exploits. Nipper’s accurate configuration assessments enables users to detect misconfigurations in firewalls, switches and routers, as well as determining their impact to the network if exploited, the ease of exploitation, and ease of fix - in order to prioritize remediation workflows by risk criticality.
Nipper Enterprise is now providing this capability at scale, enabling the assessment of up to 300,000 devices on an up-to-hourly basis, and the roadmap to automatically remediate vulnerabilities and insecure configurations in order to help organisations establish a defendable network.
- Reduce audit times by up to 80%
- Detect all misconfigurations, even in air-gapped environments
- Prioritize security risk by criticality
- Improve MTTR with device specific remediation advice and command-line fixes
Automate RMF assurance:
- Assure compliance for PCI DSS and other RMF
- Assessor-ready reports of compliance with 94% of PCI testing procedures relating to network devices
Establish a defendable network:
- Accurate RMF snapshots and real-time evidence of compliance
- Continuous assessment of firewalls, switches and routers
- Daily configuration drift monitoring
- Roadmap to playbook-controlled auto-remediation
Titania is proven to protect critical infrastructure
Minimize cyber risk across your business’ mission critical networks with PCI DSS 4.0 compliance
PCI DSS 4.0 boasts some of the most significant changes to the standard since 2004, reflecting the increase in risk the industry now needs to mitigate.
In fact, the council has been leading the way for a long time, having recommended segmentation of the Cardholder Data Environment in many of it's previous iterations. Of course, segmenting other critical parts of the network beyond the CDE will significantly reduce non PCI-business risk associated with a breach of the confidentiality, integrity, or availability of critical operational systems and/or data.
PCI DSS 4.0 also recommends:
- Risk assessing all types of devices - including firewalls, switches and routers and
- Where automation allows all devices, rather than a sample, should be compliance assessed
- It promotes security as a continuous process
- Risk assessment should drive the periodicity of checks
This kind of proactive security is key to protecting networks from preventable attacks. It acknowledges that security within the network boundary is as important as the security on devices forming the perimeter. The aim being to verify that all devices maintain a secure configuration that matches both network policy and functional intent, at all times. This is why retail organizations around the world are choosing Titania to gain visibility of their security posture and compliance status across their expanding attack surface.
