Trustwave Blog

The Trustwave Blog empowers information security professionals to achieve new heights through expert insight that addresses hot topics, trends and challenges and defines best practices.

CISO's Corner: The Top 3 Ransomware Preparedness Tips Most Organizations Are Missing

Today more than ever, companies are on high alert for ransomware attacks. Even as companies seek to protect themselves, however, they may not realize how the very nature of ransomware attacks has shifted. We spoke with David Bishop, CISO at Trustwave, and Darren Van Booven, Lead Principal Consultant at Trustwave and former CISO of the U.S. House of Representatives, to discuss ransomware preparedness and what organizations might be missing from their cyber resilience strategy.

What You Need To Know About the New Essential 8 Mitigation Strategies

In July 2021, the Australian Cyber Security Centre (ACSC) released an update to its Essential 8 (the E8). Originally published in 2017 as an evolution of the Australian Signals Directorate’s Strategies to Mitigate Cyber Security Incidents, the E8 has been put forward as a baseline set of strategies that are most effective in making it harder for cyber adversaries to compromise an organisation’s systems.

The 10 Principles of Database Security

In today’s digital economy, data is the lifeblood of business. Protecting sensitive data has become more challenging for organizations in recent years.

Trustwave Recognized as a Top 10 MSSP by Cyber Defense Magazine

We are very excited to see Trustwave named as a Top 10 MSSP by Cyber Defense Magazine. This latest recognition is a welcome addition to our growing list of recent analyst and award validation that positions us as a leader in managed security services (MSS) and managed detection and response (MDR).

The 3 Biggest Pieces of the Healthcare Data Security Puzzle

Healthcare is unlike any other industry when it comes to cybersecurity. Criminals are prepared to take full advantage of the vulnerable nature of healthcare, as people are far more likely to comply if the threat relates to their private information and wellbeing. In fact, the end of 2020 saw a 45% increase in cyber attacks on healthcare organizations globally. What’s more, the pressure from legal regulations, including GDPR and HIPAA, is also a big motivation as most companies would struggle to pay the fines should they experience a data breach with subpar defenses in place.

Data Breaches on the Rise in Singapore – Is Your Company at Risk?

The COVID-19 pandemic dramatically pushed businesses to become more digital at an unprecedented pace and today – more than a year and a half after lockdowns first started – remote work remains the default work arrangement in many industries and countries around the globe. Yet, many businesses have not considered the unique cybersecurity needs of now-remote workers who are connecting to potentially unsecured home networks while accessing company resources from personal devices. This makes it more important than ever for your company to ensure the secure exchange of business information and sensitive data.

AI Won't Save Cybersecurity – People Will

For several years now, artificial intelligence (AI) and machine learning (ML) have been all the buzz in the cybersecurity industry. Solutions like Security Orchestration, Automation and Response (SOAR) platforms, as well as other AI and ML-powered technologies, are often portrayed as a cybersecurity savior – able to completely protect organizations from threats and fully automate the cybersecurity function. Though AI and ML are powerful tools, they are not a panacea.

How Banks Need to Evolve Security in the Age of the Cloud

As a high-profile target for breach attempts, banks are all too familiar with having a bullseye on their backs. Over the past ten years, there has been a massive industry shift in the financial services sector from compliance-based cybersecurity to proactive and predictive threat detection and response operations.

Trustwave's Action Response: Kaseya VSA Zero-Day Ransomware Attack

On the afternoon of Friday, July 2, reports indicated that the REvil ransomware gang was actively targeting managed service providers (MSPs) who use Kaseya Virtual System/Server Administrator (VSA) to manage the networks of other businesses with a zero-day attack.

Why Partnership Between the CISO and Internal Audit Is Critical To Achieving Cyber Resilience

Most security leaders look at Internal Audit as performing assessments or investigations and looking for deficiencies with a set due date and time. But today, internal audits are a continuous lifecycle. Internal Audit is constantly evaluating controls – even when it's the off-cycle for audits – to ensure controls are properly designed, operating effectively and the right people are in the right roles to perform the control activities.

Leadership Lessons in Managing Cloud Cyber-Attacks

One of the key themes discussed at the conference was the cloud. Reaching a state of cyber resiliency in the age of the cloud is one of the biggest challenges that security leaders and organisations at the state or enterprise level face.
