Guards guarding the guardians.
How Tennessee Department of Transportation approaches data protection and log file integrity with Chainkit
Dr. Richard White, Cybersecurity Architect, shares how he approached the challenge of securing the IT and IT infrastructure to prepare the State of Tennessee for the future of autonomous transport.
“Chainkit is an enterprise-grade cyber security solution, ideal for invisible tamper-detection, attestation and regulatory compliance and real-time risk management.”
—Andy Nallappan, Broadcom
Broadcom uses Splunk Enterprise Security on premises with a scalable combination of search heads, indexers, and forwarders. Data is collected from a myriad of sources and provides a universal view of logs from across the company.
One of the ISO 27001 controls (12.4.2 Protection of Log Information) requires a company to protect its logs from tampering. Contrary to what one might think, Broadcom had already satisfied this control objective by using industry-standard best practices, including controls on the servers, appropriate access roles, and defense in depth. However, expert analysis by their Security team revealed that these existing control mechanisms still left gaps that attackers could exploit.