Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Achieving Cyber Resilience With a Proper Training Program

A critical part of improving a business’ cyber resilience is ensuring staff, including the executives and the board of directors, are all champions of promoting and driving awareness when it comes to cybersecurity.

Many company do have this understanding, and one way to measure the importance organizations are placing on cybersecurity is by expenditures. Gartner in May 2021 it expected that about $150.4 billion would be spent on security in 2021, a 12.4% increase from 2020, with security awareness education and phishing defense being a focus for many organizations.

It is quite understandable that spending is at this level when one considers that the average downtime a company experiences following a ransomware attack is 21 days, and the average cost to recover from such an attack is estimated at $2 million. The money spent on prevention will be repaid if an attack is prevented.

A company with better cybersecurity awareness and education has an improved chance of defending itself or in a worst-case scenario properly reacting to a cyberattack. This level of preparation includes embedding security across the business and aligning security to business objectives and strategies. This will help the company respond quickly to threats and continue to operate and recover during or post-attack.

Implementing a level of cyber resilience from top to bottom in an organization will ensure a shift in the security culture by enabling all personnel to help keep their organization secure. 

This is particularly true when it comes to dealing with some of the more common dangers, such as phishing campaigns. The vast majority of successful cyberattacks start with a phishing email. Employees must learn to treat every email as potentially dangerous, making sure links and attachments are legitimate before clicking one.

But phishing is just one threat.

Another emerging problem organizations must prepare for through education and training is ransomware, and specifically when that malware involves a Ransomware as a Service (RaaS) operation.

RaaS is the sale or lease of ransomware malware by its developers. Making the malware available “off the shelf” allows less technically capable criminal organizations to launch sophisticated attacks. RaaS is worrisome as it broadens the potential pool of threat actors to anyone with the funding and desire to launch such an attack.

However, while training is a necessity, an organization must be careful how a regimen is implemented.

One issue that arises when training is increased and emphasized is employee training fatigue. The ever-increasing level of mandatory training and awareness delivered to staff covering corporate, legal, and regulatory topics can lead to this very important education being seen as nothing more than a tick-in-the-box exercise and drain employee interest to fully participate and engage with the subject.

To tackle this challenge, organizations must deliver training that is engaging, authentic, and tailored to that organization.

One way to help retain worker interest is to conduct a crisis simulation. Such activities give participants invaluable experience of reacting during a realistic simulation and enable them to collaborate and hone their skills in a safe and controlled environment. 

Trustwave often facilitates Cyber Security Crisis Simulation Exercises. For each simulation workshop, the following considerations are made:

  • Work collaboratively with the client to understand the drivers and their objectives
  • Identify if the client requires a ‘standard’ simulation workshop or a fully bespoke workshop
  • Customize the workshop material to client requirements based on a number of ’injects’ (an ‘inject’ is akin to an ‘event’) escalating narrative.
  • Each narrative typically starts with a technical-orientated issue and builds to a full-blown operational crisis.
  • We bring workshops to life by using a series of interactive injects, briefings, and videos.
  • Workshop members are grouped into teams to discuss a solution after each inject. They then conduct a presentation after each inject, offering their thoughts to the wider group for discussion. 
  • Also, after each inject, workshop members will discuss what they could/should do at each stage.
  • The event, which usually lasts about four hours, concludes with the staff reinforcing the actions taken and covering the lessons learned.
  • Finally, the participants create an executive report on findings, data, observations, and recommendations.

 

Latest Trustwave Blogs

Mining Operations: Critical Cybersecurity Threats & Trends Revealed

Cybersecurity professionals often point out that threat actors do not differentiate when choosing a victim. To an attacker, a hospital is as useful a target as a law firm or even a mining operation....

Read More

Phishing: The Grade A Threat to the Education Sector

Phishing is the most common method for an attacker to gain an initial foothold in an educational organization, according to the just released Trustwave SpiderLabs report 2024 Education Threat...

Read More

Unlocking Cyber Resilience: UK’s NCSC Drafts Code of Practice to Elevate Cybersecurity Governance in UK Businesses

In late January, the UK’s National Cyber Security Centre (NCSC) issued the draft of its Code of Practice on Cybersecurity Governance. The document's goal is to raise the profile of cyber issues with...

Read More