TIGIR's Origin: The Research Philosophy
Security, especially cyber security, has been in a prolonged transition stage. For decades we have been using the same threat risk methodologies and the same means to calculate impacts and costs associated with the loss, disruption, damage and sabotage to IT systems as well as others.
With cyber in particular we have seen threats not only evolve in their technological sophistication but also in their asymmetry, where they now leverage various domains - social engineering for information, physical security, access credentials, data manipulation - along with technology to meet their agenda.
TIGIR was born after 15 years of doing the same thing over and over and getting the same deficient results: breaches. But we continued to perform Security Assessment and Authorization (SA&A) and Threat Risk Assessments (TRAs) the ‘old way’ – manually. Then we would arbitrarily purchase technological safeguards to plug the holes and fill the gaps. There had to be a better way.
Marrying multiple standards and tracking and monitoring of assessments were key, but so was tracking security incidents on assessed assets to understand what controls were working and what ones weren’t. Currently, much of the data gathering from security breaches stops short of analysis, little intelligence is collected, even less is shared.
For that reason, every assessment performed in TIGIR allows for detailed breach reporting that collects information using a reverse engineered forensic framework. The more breach reports that created, the more effective security controls become with the added value of attribution.
So that’s TIGIR 1.0 – and we can’t wait to release TIGIR 2.0, a full service supply chain security software built around TIGIR’s original risk functions.