Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
News Releases

Trustwave 2011 Global Security Report Reveals Shift in Cybercrime

CHICAGO (January 19, 2011) - Today Trustwave unveiled its 2011 Global Security Report, which reveals the target of attacks has shifted from traditional infrastructure to mobile users and endpoint devices. Research from Trustwave's SpiderLabs-the company's advanced security team responsible for application security, incident response, penetration testing and security research-found that malicious tools became more customized, automated and persistent in 2010. This trend combined with the popularity of mobile devices and social media is providing the perfect recipe for cybercriminals looking to compromise business, customer and user private and sensitive information. The report offers analyses of data compromise investigations, offensive security exercises and defense strategies taken directly from Trustwave's expansive global client base.


  Key Report Findings  

  • Food and beverage regained its title as the most breached industry-representing 57% of the investigations.
  • Third-party vendors continue to put companies at risk-88% of breaches resulting from insecure software code or lax security practices in the management of third-party technology.
  • Cybercriminals got fresh in 2010-because in-transit credit card data is usually more recently created (more fresh) than stored data, 66% of investigations found the theft of data in transit.
  • A single organized crime syndicate may be responsible for more than 30% of all 2010 data breaches.


  Evolving Threats  

  • Among the most interesting and surprising elements of the report is the rate and sophistication of attacks against mobile platforms and social networking sites. As the security of mobile networks has improved, mobile devices are increasingly the target of attacks, while social networking sites are quickly becoming cybercriminals' platform of choice to expand and propagate destructive botnets. Drive-by infections and mobile phishing attacks were among the most popular client-side attacks in 2010.
  • Geolocation data is helping cybercriminals launch more sophisticated and targeted attacks against social networks.
  • Mobile devices offer cybercriminals an open door to corporate authentication credentials, sensitive data and trade secrets.
  • Anti-virus software is losing the battle against malware-the new breed of malware is virtually undetectable by current scanning software.


  Top Strategic Security Initiatives for 2011
 A key take-away from the report is that attacks are often successful in organizations that believed a comprehensive data security strategy was in place. For executives and managers who are tasked with ensuring their company does not suffer a security event, the report offers specific guidance for 2011.

  • Assess, Reduce and Monitor Client-Side Attack Surface: Monitor and inventory applications to measure adherence to standards and evaluate risk.
  • Embrace Social Networking, but Educate Staff: An established policy and education can help protect against attacks originating from social networking tools.
  • Develop a Mobile Security Program: Gaining control over configurations of mobile devices will help reduce risk.
  • Enforce Security Upon Third Party Relationships: Choose a platform and vendor with a solid security history, and require vendors to undergo third-party security testing.

Robert J. McCullen, chairman and CEO of Trustwave, "In 2011 and beyond, organizations that approach their initiatives firmly committed to including security as an integrated requirement, and not just as a checkbox, will be most resilient to attack, reduce their risk to compromise, and be able to best protect both sensitive data and reputation."

Nicholas J. Percoco, senior vice president and head of SpiderLabs, "Over the past year, we spent a great deal of time digging deeper to provide readers with the most comprehensive information security report available. This year, we not only include expanded analysis of our compromise investigations, but also take a new look at the expanding and evolving landscape of data security vulnerabilities."

Report Methodology

The foundation of Trustwave's Global Security Report 2011 is data from real-world investigations and research that SpiderLabs performed in 2010. Results are based on information gathered from over 200 data breach investigations, 2,300 penetration tests and other security-as-a-service (SaaS) activities conducted for our clients. Standardized tools were used to record data, as well as other relevant details for each case or test.

About Trustwave

Trustwave is a leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions including SIEM , WAF , EV SSL certificates  and secure digital certificates . Trustwave has helped hundreds of thousands of organizations-ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers-manage compliance and secure their network infrastructures, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit https://www.trustwave.com/en-us/.

Latest News Releases

New Trustwave SpiderLabs Research Exposes Unique Cybersecurity Threats Facing Education Industry

Chicago – February 22, 2024 – Trustwave, a leading cybersecurity and managed security services provider, today released comprehensive research uncovering unique cybersecurity threats faced by...

Read More

Trustwave MailMarshal Now Available on Microsoft Azure Marketplace

Chicago – February 1, 2024 – Trustwave, a global cybersecurity and managed security services leader, today announced the availability of Trustwave MailMarshal on the Microsoft Azure Marketplace, an...

Read More

Aquion and Trustwave Announce Strategic Partnership to Boost Cybersecurity in Australia and New Zealand

Sydney, Australia - Jan 30, 2024 - Aquion, a specialist in value-added software distribution, proudly announces its strategic partnership with global managed cybersecurity leader Trustwave. This...

Read More