Loading...
Blogs & Stories

Trustwave Blog

The Trustwave Blog empowers information security professionals to achieve new heights through expert insight that addresses hot topics, trends and challenges and defines best practices.

Cybersecurity in the Year Ahead: Trustwave 2022 Cybersecurity Predictions – Part 2

In 2021, the cybersecurity industry was truly tested. Most notably, we uncovered the deeper fallout from the SolarWinds attacks, combatted the proliferation of advanced ransomware gangs and a surge in vulnerability exploitation, and saw fragile supply chain and critical infrastructure more targeted by attackers than ever.

Zero Trust: Public and Private Sectors Facing Similar Risks

The importance of Zero Trust is derived from how it functions. Instead of focusing on protecting a physical network, a Zero Trust network works by focusing on securing the resources that reside on or have access to the network such as data, identities, and services.

The Network Effect and the Search for Resilient Email Security

In the IT industry, this statement, or something like it, is said regularly — usually corresponding with the rise of a new communication or collaboration platform. Each time this happens, it's prudent to remember a general rule around tools: as long as they retain specific advantages for the human beings using them, they generally endure.

MDR Provider, MSSP or Both? Focus on the Capabilities You Need

Over the last several years, Managed Security Service Providers (MSSP) have evolved, and some have started offering Managed Detection and Response (MDR) services as part of their overall security solution. However, an MSSP lacking MDR capability simply cannot provide the same level of security, particularly in today’s quickly changing environment that has seen remote and hybrid work become the norm.

Cybersecurity in the Year Ahead: The Trustwave 2022 Cybersecurity Predictions

In 2021, the cybersecurity industry was truly tested. Most notably, we uncovered the deeper fallout from the SolarWinds attacks, combatted the proliferation of advanced ransomware gangs and a surge in vulnerability exploitation, and saw fragile supply chain and critical infrastructure more targeted by attackers than ever.

The Importance of Speed During Detection and Response: Iranian-Backed Hackers Targeting U.S. Companies with Ransomware

Iranian government-sponsored advanced persistent threat (APT) actors are exploiting known Microsoft and Fortinet vulnerabilities to attack targets with ransomware in the transportation, healthcare and public health sectors, according to an alert issued on Nov. 17 by the Cybersecurity and Infrastructure Security Agency (CISA).

Crisis Simulation: The 4 Most Common Cybersecurity Incident Shortfalls

For an organization to be resilient, key personnel must be acutely aware of their roles and responsibilities before, during and after a high severity cybersecurity incident. A cybersecurity crisis scenario simulation can be invaluable to pressure test both the assembled teams and the documented processes designed for such circumstances.

3 Ways Your Threat Hunting Program Could Be Failing You

As a concept, threat hunting has a somewhat glitzy name and, on the surface, may appear to be a project that an organization can pull off by simply adding a couple of automatic detection tools and then tasking a few security staffers to keep an eye on the results that pour in.

Europol Operation Targets Ransomware Operators

Europol, the European Union’s law enforcement agency, on Oct. 26, targeted 12 individuals in raids, all of whom allegedly participated in multiple ransomware attacks striking an estimated 1,800 victims in 71 countries.

Why Now Is the Right Time To Remote Pen Test

The COVID-19 pandemic continues to cause travel restrictions and has reshaped how businesses function, with many pushing large portions of their staff into a work-from-home environment. Still, these limitations do not mean an organization has to accept second-tier cybersecurity.

Deepfakes: What To Do When Something Is Not What It Appears

On Nov. 5, Georgia Turnham, Security Advisor at Trustwave SpiderLabs, will conduct a webinar discussing the emerging threat known as 'Deepfakes'. During this session, Turnham will talk about the scale of the issue, its unfettered growth and the continual improvements that make them believable.

Nobelium Targeting Resellers and Service Provers

The Russia-based cyber gang Nobelium, which is believed to be responsible for the December 2020 SolarWinds attack, is on the move again, targeting resellers and IT service providers attempting to infiltrate their customer’s systems.

Trustwave Accelerates Its MDR Leadership Momentum

As a top global cyber defender, Trustwave has rapidly evolved over the years to meet the needs of our clients, the demands of the market, and effectively combat new and complex threat actors around the world. Today, we announced the divestiture of SecureTrust and Trustwave’s FLEX business to Sysnet Global Solutions.

Hybrid and Remote Work is Here to Stay: What Does This Mean for Cybersecurity?

Gone are the days when remote work was the exception and the most distributed employee was the salesperson on the road. As remote and hybrid work become the predominant work structure for organizations, and the new rules of engagement are only beginning to be solidified – most CISOs are asking themselves: how doessecurity need to change?

Stay Connected


Subscribe

Sign up to receive the latest security news and trends from Trustwave.

No spam, unsubscribe at any time.


Blog Categories


Trending Topics