With cybersecurity challenges increasing by the day, ‘keeping security up to par’ has become the prime mission for almost every business today. Enterprises need to identify the threat, determine its source, and eliminate it before the threat starts impacting the bottom line of the company. This is where file integrity monitoring (FIM) software plays a key role. FIM software enhances an organization’s cybersecurity measures by monitoring suspicious activity at the host, ensuring that any changes to critical system file locations and operating system files are identified and the security team is immediately alerted. Tapping into the leading-edge capabilities of the FIM process, Cimcor developed its flagship software product CimTrak, an advanced monitoring tool for servers, network devices, databases, and critical workstations.
In an interview with CIO Applications, Robert E. Johnson, III, president and CEO of Cimcor, shares his valuable insights on the cybersecurity industry and how Cimcor is protecting organizations against cyber attacks with its innovative suite of solutions and services.
Give us an overview of the major pain points in the current cybersecurity landscape. How is Cimcor addressing them?
Zero-day attacks, which have steadily evolved in their complexity and danger, are on the rise. These threats continue to overwhelm the critical IT infrastructure and exacerbate the existing challenges in protecting an enterprise. The need of the hour is to understand the zero-day vulnerabilities, the way they work, and then take steps accordingly to protect organizations against such attacks. This is where our product, the CimTrak Integrity Suite, comes into play. It helps enterprises identify changes in real time by providing direct and actionable insights.
The other major challenge is that many C-level executives may not adequately understand their organization’s cyber exposure and how attackers can exploit the information they gather to execute targeted attacks. It is imperative for employees as well as C-suite executives get a clear idea of the nature of cyber threats and the way those translate into business and technological risks. This line of thinking will help business leaders perceive the vital aspects needed to drive a top-down security-focused culture.
Could you elaborate on the CimTrak integrity suite and its unique features and functionalities?
CimTrak is a comprehensive file integrity monitoring and compliance software application that provides organizations with a detailed audit trail of the changes being made to any file. Every time a change is detected, CimTrak captures the exact moment it occurs at along with the information on who, what, where, when, and how the changes are made. This, coupled with the software’s unprecedented ability to take instant action upon detection of change, is what makes it superior to other FIM solutions and assures organizations that their IT assets are always in a secure and compliant state.
Every time a change is detected, CimTrak captures the exact moment it occurs at along with the information on who, what, where, when, and how the changes are made
The CimTrak Integrity Suite is an all-in-one, easy-to-use, cost-effective file integrity monitoring tool that protects any type of file, be it a document, executable script, application program, database schema, or OS file. The solution also helps organizations comply with regulations such as PCI DSS, NERC-CIP-007, and NERC-CIP-010-2. In addition, CimTrak integrates with structured threat information expression (STIX) 1.0/2.0 and trusted automated exchange of indicator information (TAXII) thread feeds. This constant stream of threat data provides the software with additional information which leads to even greater insights into an organization.
Moreover, the software suite was recently updated to CimTrak Integrity Suite Version 4.0, designed to seamlessly integrate with a wide variety of threat feeds and utilize the data to help organizations automate the detection and documentation of all changes within the IT infrastructure. Simplifying the process of identifying, triaging, and responding to security-related events is the core of this updated version. With this update, our mission is to help transition the industry beyond ‘file integrity monitoring’ to a more advanced concept of complete ‘system integrity monitoring.’
What according to you makes Cimcor stand apart from the rest?
There are numerous aspects that make us who we are. Our customer-centric approach and the methodology we follow in terms of onboarding our clients are two of the prime factors. We listen to what our customers’ immediate needs are and comprehend what is important to them, which encompasses understanding their infrastructure, security objectives, and regulatory requirements.
Furthermore, the ease of use, complete coverage, seamless integration, and low total-cost-of-ownership of CimTrak makes us stand apart in the FIM solutions marketplace. We assist our customers at every step of deployment, from the very beginning until the end. We also have a world-class support team that is always willing to go the extra mile to fulfill all of our customers’ needs.
Some of the major network manufacturers we support include Cisco, Extreme, F5, HP, and Fortinet.
Please share a case study that highlights Cimcor’s value proposition in assisting clients to overcome their security challenges and attain the desired outcome.
We partnered with a bank that had several servers spread out across multiple countries and needed a way to monitor all of the servers, ensuring that no modifications occurred. In addition, they required a tool to help meet SWIFT requirements. We worked with them and developed a solution that met their global need to monitor other servers and make sure proper audits were in place.
Could you talk about what spurred the inception of Cimcor and what does the future hold for the company?
When we started in 1997, we initially focused on process automation and control of manufacturing facilities. Over time, we realized that in spite of having specialized computers and automated equipment on the plant floor, the manufacturing facilities lacked controls that could ensure seamless and secure production. That was when we decided to create a solution that would help protect the plant floor as well as identify the unusual changes made to specialized control systems in the manufacturing facility. It led us to develop our flagship product CimTrak. Over the years, we upgraded the solution and added new features that include real-time monitoring and self-healing or restore capabilities.
All of Cimcor’s monitoring tools are the result of our vision to be the most complete integrity monitoring solutions provider in the marketplace.
In the days to come, we will keep adding advanced features to the product suite that will provide the ability to monitor platform as a service (PaaS) and infrastructure as a service (IaaS) based applications. We will also continue to expand our partner network and global presence. We are currently active in 23 countries and plan on expanding that in the next 6-12 months.