CISO Data Headaches – CISO Data Solutions

Unquestionably, the expectations on a CISO are becoming ever more formidable. There’s an increasing amount to worry about and, as we’ve seen, attacks are getting more sophisticated and complex. It’s been said that data represents the “crown jewels” of organizational assets, and that’s never been truer than in 2021.

As somebody who regularly speaks to CISOs across different industries, sectors and levels of cyber maturity, I’ve seen first-hand where the headaches exist and what causes these headaches. While all organizations are different and have different risks, finding solutions for those headaches is possible. Here’s what I recommend.   

Too Much Data = Too Many Vulnerabilities

While having too much data isn’t necessarily a problem, it can lead to a form of analysis paralysis. Data gives us the ability to measure and track progress, but it shouldn’t prevent us from making inroads.

Vulnerability scans, penetration testing, threat hunts, expanding attack surfaces, multi-cloud environments, insecure APIs and the like can all produce oodles of security issues and data, and these security issues can compound over time and leave an organization vulnerable to attack.

Vendors will try to sell a solution that fixes all your problems in one go, but the reality is that there is no such thing as a security silver bullet. Achieving security maturity is done by people, process and technology all working together to increase the internal cyber culture.

An example of this is when a user selects a “strong” password from the get-go: this decision was the product of good security culture and involved people, process and technology. This one event does not make an organization secure; it’s the compounding effect of hundreds of daily decisions that helps increase cyber maturity.

Context is Key

Deciding what to fix and when to fix it is critical. While the security provider may well understand what your environment / application looks like, they may have some difficulty adding the appropriate level of context onto the issues.

Unfortunately, and unlike taking a headache tablet, there is no one solution to this problem. Fortunately, there are solutions that can be applied to increase cyber maturity for all organizations:

Concentrate on the Basics: It almost always comes down to the basics of information security. All too often we see organizations fail at the basics (patching, passwords and policy). We know that security at an enterprise level is difficult, nuanced and multifaceted. Ensuring that hosts and devices are patched, that robust password management is in place and that security cannot be circumvented by weak policy is critical in ensuring cyber maturity.

Prioritize Key Systems and Hosts: Not all hosts are created equal; some are more important to a business than others. Where are the crown jewels, and are they secured and hardened to a level that is acceptable? Are these systems externally facing or are they internal hosts? These are some of the questions that need to be asked. Once this is decided, appropriate hardening can take place. While the protection of key systems is important, it’s also key to harden any adjoining environments. This analysis should be done by a penetration tester.

Speak to your Security Provider: More often than not, the security provider will understand your environment as well as you do. Consult them when you plan to make impactful security decisions or impactful decisions to your overall IT environment. If they’ve recommended a fix for an issue and it isn’t practical for your organization, what other controls can be implemented to minimize risk to that asset?


2020 Trustwave Data Security Index

The 2020 Trustwave Data Security Index report depicts how technology trends, compromise risks and regulations are shaping how organizations’ data is stored and protected. The report is based on a recent survey of 966 full-time IT professionals who are cybersecurity decision makers or security influencers within their organizations. Over 75% of respondents work in organizations with over 500 employees in key geographic regions including the United States, United Kingdom, Australia and Singapore.
