In December of 2020, perhaps the most devastating cybersecurity breach to date took place. It was discovered that a highly sophisticated, advanced persistent threat (APT) infiltrated SolarWinds, a popular network management solution to several federal government agencies.

Today’s manufacturing industry is straddling a line between traditional, legacy operations and modern times. While manufacturing facilities across the nation are more internet-connected than ever, the cybersecurity practices at most have lagged – putting the industry at great risk.

As a high-profile target for breach attempts, banks are all too familiar with having a bullseye on their backs. Over the past ten years, there has been a massive industry shift in the financial services sector from compliance-based cybersecurity to proactive and predictive threat detection and response operations.

The recent Kaseya VSA ransomware attack compromised approximately 60 MSPs and 1,500 of their respective clients’ systems, resulting in more than one million individual lockups.

On the afternoon of Friday, July 2, reports indicated that the REvil ransomware gang was actively targeting managed service providers (MSPs) who use Kaseya Virtual System/Server Administrator (VSA) to manage the networks of other businesses with a zero-day attack.

Most security leaders look at Internal Audit as performing assessments or investigations and looking for deficiencies with a set due date and time. But today, internal audits are a continuous lifecycle. Internal Audit is constantly evaluating controls – even when it's the off-cycle for audits – to ensure controls are properly designed, operating effectively and the right people are in the right roles to perform the control activities.

One of the key themes discussed at the conference was the cloud. Reaching a state of cyber resiliency in the age of the cloud is one the biggest challenges security leaders and organisations across the state-level or enterprise-level face.

The daily work of an Information Security Advisors (ISA) at Trustwave is as diverse as our client base. I recently spoke with two of our leading advisors on the Pacific team to learn more about what they do for our clients.

EDR and XDR are both impactful technologies on their own; combined with MDR, these solutions can take visibility and efficiency to the next level. Security Operations Center (SOC) can require an in-depth understanding of a variety of cybersecurity solutions and how they work together and complement each other.

The COVID-19 pandemic created enormous challenges for businesses worldwide – and cybersecurity challenges were prominent among them.

As a managed security services provider (MSSP), you are expected to be right all of the time. A malicious attacker only has to be right once to successfully break into an organization's environment. This means that having world-class operations with rich, timely threat intelligence is absolutely critical to the success of a top MSSP.

What if the current handwringing around a cyber skills shortage was overdone? What if the problem facing cybersecurity isn’t the lack of the right training or the correct academic degree, but the failure to apply the best lens through which to assess those entering the field?

The cybersecurity threat landscape is continuously evolving, with the frequency and impacts of threats like malware and ransomware increasing every year. Today, organizations of all sizes and in every industry sector must be proactively searching for emerging threats and actively monitoring risk to protect themselves – and respond quickly in the event that a threat is identified. Amid this challenging threat landscape, organizations are struggling to find enough cybersecurity professionals to staff their teams. Globally, there is a cybersecurity worker shortage of nearly 4 million. So how can companies undertake proactive threat detection and response during a vast skills shortage?

In the new 2021 Email Threat Report from Trustwave, we break down real-life examples of the latest email threats and critical trends from the past year to help you gain an understanding of the current landscape so you can prepare your email security strategy.

You may have heard the news. Trustwave was recently named a finalist in Palo Alto Networks’ Professional Services Awards for Customer Excellence.

In one of the most high-profile attacks on critical infrastructure in recent years, operations at the company were shut down on May 7 after a hacker group, now identified as DarkSide by the FBI, launched a ransomware attack against the organization in an attempt to extort millions of dollars.

Password security has become even more critical in the age of remote work. With more corporate devices online and more new user account creation than ever before, strong passwords take center stage as one of the first lines of defense against hackers.

Security teams must start preparing now for the ways security testing will need to be different when people start returning to the office and businesses ramp up.

Utilizing the cloud in some capacity for your organization’s infrastructure – whether hybrid or public – has immense benefits.

Most of you that are familiar with Secure Email Gateway products know the MailMarshal name and know that its name was changed to Trustwave Secure Email Gateway almost ten years ago when Trustwave acquired M86 Security.  Over the years, MailMarshal, known for its email threat protection and detection accuracy, continues to be recognized by many across the industry and has retained a decades-long and loyal client base.