More organizations appear to be heeding the advice to implement capabilities for detecting intrusions sooner, at least based on an analysis of data from breach investigations that security vendor Trustwave conducted for clients last year.

Read More 

Nearly every web application has at least one vulnerability, according to the 2017 Trustwave Global Security Report, released Tuesday. Of the apps scanned by Trustwave for the report, 99.7% included at least one vulnerability, with the mean number of vulnerabilities in web apps being 11.

Read More 

Yesterday, news broke that a file containing detailed personal information on 200 million Americans was stored on an unprotected server by a political contractor. The travails of Yahoo and its half a billion stolen records have been well documented. Breaches like these, focused on personal information, recently have shifted the focus of card-not-present fraud professionals toward new kinds of fraud based on personal information: account takeover, account creation and synthetic fraud.

Read More 

The largest share of data breach incidents involved the retail industry, closely followed by food and beverages, according to a new report. The 2017 Global Security Report from Trustwave shows that 22 percent of incidents involved the retail industry, followed by food and beverages at 20 percent.

Read More 

Hacking attacks against sales terminals have risen by nearly a third last year, and the US is still leading the way in being insecure. Incidents affecting sales tills and payment systems increased to 31 per cent in 2016, according to research by security firm Trustwave, while incidents affecting e-commerce environments fell to 26 per cent from 38 per cent. Incidents involving sales registers were most common in the US, thanks to its tardy adoption of EMV chip technology and a reliance on chip and signature rather than chip and PIN payment.

Read More 

Many organizations are getting better at cyber intrusion detection, according to a new report from Trustwave, the Chicago-based MSSP. The “2017 Trustwave Global Security Report” of cybercrime, data breach and security threat trends from 2016 indicated the median number of days from cyber intrusion to detection of a compromise fell from 80.5 in 2015 to 49 last year. In addition, the median number of days from cyber intrusion detection to containment was 2.5 in 2016, according to the report.

Read More 

News headlines continue to call our attention to the latest cyber attacks -- something that provides IT and security professionals with the daunting task of remaining steadfast on the unpredictable security battlefield. In fact, 53 percent of IT professionals felt more pressure to secure their organization last year, compared to 2015, according to the 2017 Security Pressures Report from Trustwave. However, contrary to what you would expect, the pressures are not just coming from the C-suite.

Read More 

The relationship between a manufacturer or vendor and security researchers can be filled with tension and unease, and it's most often put to the test during the vulnerability disclosure process. Although their intentions are pure, researchers often feel they are being shut out of the process, while vendors may see disclosure deadlines as a threat from researchers looking to produce headlines.

Read More 

As organizations wade deeper into digital technology, the pressure grows on IT and security professionals to keep systems up and running. What's more, as budgets shrink and the time required to manage and maintain security systems swells, the stress levels keep rising. A recent report from Trustwave, "2017 Security Pressures Report," offers some perspective on how organizations are addressing these issues, and how IT and security teams are faring.

Read More 

Tom Bain, vice president of marketing at CounterTack, believes organizations want to "collapse the stack" and move to fewer providers and platform offerings. They want less agents and ultimately not as many providers under the hood. “Taking technologies into a managed deployment gives an enormous advantage to MSSPs who can remove the burden from operators, monitoring and responding to threats on their behalf,” he said.

Read More 

Trustwave
Twitter Feed

Follow Us @Trustwave