Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

CISO Data Headaches – CISO Data Solutions

Unquestionably, the expectations on a CISO are becoming ever more formidable. There’s an increasing amount to worry about and, as we’ve seen, attacks are getting more sophisticated and complex. It’s been said that data represents the “crown jewels” of organizational assets, and that’s never been truer than in 2021.

As somebody who regularly speaks to CISOs across different industries, sectors and levels of cyber maturity, I’ve seen first-hand where the headaches exist and what causes these headaches. While all organizations are different and have different risks, finding solutions for those headaches is possible. Here’s what I recommend.   

Too Much Data = Too Many Vulnerabilities

While having too much data isn’t necessarily a problem, it can lead to a form of analysis paralysis. Data gives us the ability to measure and track progress, but it shouldn’t prevent us from making inroads.

Vulnerability scans, penetration testing, threat hunts, expanding attack surfaces, multi-cloud environments, insecure APIs and the like can all produce oodles of security issues and data, and these security issues can compound over time and leave an organization vulnerable to attack.

Vendors will try and sell a solution that fixes all your problems in one go, the reality is that there is no such thing as a security silver bullet. Achieving security maturity is done by people, process and technology all working together to increase the internal cyber culture.

An example of this is when a user selects a “strong” password from the get-go, this decision was the product of good security culture and involved people, process and technology. This one event does not make an organization secure, it’s the compounding effect of hundreds of daily decisions that help increase cyber maturity.

Context is Key

Deciding what to fix and when to fix it is critical. While the security provider may well understand what your environment / application looks like, they may have some difficulty adding the appropriate level of context onto the issues.

Unfortunately, and unlike taking a headache tablet, there is no one solution to this problem. Fortunately, there are solutions that can be applied to increase cyber maturity for all organizations:

Concentrate on the Basics: It almost always comes down to the basics of information security. All too often we see organizations fail at the basics (patching, passwords and policy). We know that security at an enterprise level is difficult, nuanced and multifaceted. Ensuring that hosts and devices are not un-patched, that robust password management is in place and that security cannot be circumvented by weak policy is critical in ensuring cyber maturity.

Prioritize Key Systems and Hosts: Not all hosts are created equally, some are more important to a business than others. Where are the crown jewels and are they secured and hardened to a level that is acceptable? Are these systems externally facing or are they internal hosts? These are some of the questions that need to be asked, once this is decided, appropriate hardening can take place. It’s important to identify here that while the protection of key systems is important, it’s also key to harden any adjoining environments. This analysis should be done by a penetration tester.

Speak to your Security Provider: More often than not, the security provider will understand your environment as well as you do… consult them when you plan to make impactful security decisions or impactful decisions to your overall IT environment.  If they’ve recommended a fix for an issue and it isn’t practical for your organization, what other controls can be implemented to minimize risk to that asset?


17230_2020-data-security-cover
RESEARCH REPORT

2020 Trustwave Data Security Index

The 2020 Trustwave Data Security Index report depicts how technology trends, compromise risks and regulations are shaping how organizations’ data is stored and protected. The report is based on a recent survey of 966 full-time IT professionals who are cybersecurity decision makers or security influencers within their organizations. Over 75% of respondents work in organizations with over 500 employees in key geographic regions including the United States, United Kingdom, Australia and Singapore.

Latest Trustwave Blogs

Defending Healthcare Databases: Strategies to Safeguard Critical Information

The healthcare sector continues to be a primary target for threat actors, with 2023 seeing a record number of data breaches and compromised records. While successful attacks are inevitable, it’s...

Read More

Trustwave SpiderLabs: Ransomware Gangs Dominate 2024 Education Threat Landscape

The security teams manning the defenses at the higher education and primary school system levels often find themselves being tested by threat actors taking advantage of the sector's inherent cyber...

Read More

LockBit Takedown: Law Enforcement Disrupts Operations, but Ransomware Threats Likely to Persist

The news that US, UK, and other international law enforcement agencies disrupted LockBit is welcome, as stopping any threat group activity is always a positive. The unfortunate aspect is this blow...

Read More