Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Discussing What Security Testing Is and Will Be

Since cyber-attacks are constantly evolving, security testing needs to evolve in response. But that rapid change can sometimes lead to confusion. To help organizations better understand security testing techniques, and how they can be used to help safeguard organizations, Mark Whitehead, Global Vice President, SpiderLabs Consulting, recently led his team in the creation of a new e-book, Once and Future Threats: What Security Testing Is and Will Be.

To learn more about what insights organizations and cybersecurity decision makers can glean from this book, we interviewed Mark.

Q.    What led to the creation of this new e-book?

Mark:   As we were creating the 2020 Trustwave Global Security Report, which is very data focused, I realized that the story that data sometimes doesn’t tell is about the risk that organizations have struggled to quantify for years. Especially the risk that large organizations face that can’t be automated away – and can’t always be prevented as part of a traditional security program.

So, we saw that there was an opportunity to talk to some of our top testers and our biggest clients to look at a whole body of work from over a year. That enabled us to tell a story from almost an attacker mindset on things that organizations should keep in mind when they’re evaluating what solutions they’ll need to put in place.

Q.   What is the biggest misconception about security testing?  

Mark:   You can automate certain things – but no one has been able to out-automate a persistent attacker that wants to go at your organization day and night, 365 days a year. Some organizations invest in a certain technology and then feel like they can check the “mission accomplished” box  -- but when you look at examples of attacks, some of which have been around for a long time – someone still needs to find the vulnerability.

There’s an art to finding vulnerabilities… and I think many organizations don’t always realize that. We tried to illustrate that with some examples in the e-book, so that we could help decision makers gain a clearer picture of why security testing is so important.

Q.   What are the trends in security testing that you think people should be aware of in 2020?

Mark:   There’s going to be a lot of emphasis on Open Source Intelligence (OSINT). There’s a lot of information out there that attackers can still use, and as more data is getting pushed out, especially with the increase in social media, there are more chances of major slip ups.

You’ll also start to see a lot more focus around cloud testing – and one thing I like to remind organizations of is that your cybersecurity company should be able to do security testing in the cloud, as it’s not that different from on-premises testing.

Internet of Things (IoT) and non-traditional form-factor devices will be another big area of concern — especially as they begin to intersect with 5G technology. Anytime new technologies come online, they bring with them new risks. A lot of organizations haven’t begun to think about the power of a phone or a TV stick that’s attached to their network. They should have prepared for that years ago and not in 2020 as even more diverse form factors enter enterprise networks.

Q.   How can organizations create an integrated approach to their security management? Are there any key services or solutions that can help?

Mark:   Everyone is starting to realize that there is no silver bullet. But when you look at the keys of security management, I always go back to the National Institute of Standards and Technology (NIST) security framework.

When I look at what makes a good security program, I believe organizations who incorporate a framework like NIST into their approach are more successful – because it helps them define what their program is working towards. Can your security help your organization Identify, Protect, Detect, Respond and Recover? If not, what are you wasting your time on? Testing services and solutions are huge – because they help organizations know their assets and find out where those assets are vulnerable.

Environments have become so big that organizations realize they need to focus on critical assets, to ensure they are able to respond and recover from the inevitable breaches that will take place. When you talk to many CISOs across industries, the newer CISOs are staying awake wondering when a breach will happen. Experienced CISOs assume that a breach is happening and focus on how to quickly identify and respond to it.

I think that’s the mind-shift that can help organizations as they build out their security management – assume that attacks will happen. Then ensure you have both the proactive and reactive services to handle it, in addition to finding ways to automate very simple things. 

Q.   What is the key takeaway from this book that you think would be helpful to other cybersecurity leaders?

Mark:   The reason we wrote the e-book is there’s a lot of confusion out in the market. For example: Does a vulnerability assessment do a penetration test? Is a penetration test a red team?  This e-book will help cybersecurity leaders understand and define those kinds of concepts, so they can better utilize them to help their cybersecurity.

Another takeaway I hope people take from the book is a better understanding of what Trustwave SpiderLabs does and how we align with some of the other cybersecurity firms out there. Because by better defining the industry nomenclature, we can collectively create a better understanding of what we all do, and help our customers better understand how we create value for them.

Download the complimentary e-book, Once and Future Threats: What Security Testing Is and Will Be, to learn more about security testing techniques and how they can be used to benefit your organization.

Evan Sharenow is the content marketing manager at Trustwave.

Latest Trustwave Blogs

Unlocking Cyber Resilience: UK’s NCSC Drafts Code of Practice to Elevate Cybersecurity Governance in UK Businesses

In late January, the UK’s National Cyber Security Centre (NCSC) issued the draft of its Code of Practice on Cybersecurity Governance. The document's goal is to raise the profile of cyber issues with...

Read More

Defending Healthcare Databases: Strategies to Safeguard Critical Information

The healthcare sector continues to be a primary target for threat actors, with 2023 seeing a record number of data breaches and compromised records. While successful attacks are inevitable, it’s...

Read More

Trustwave SpiderLabs: Ransomware Gangs Dominate 2024 Education Threat Landscape

The security teams manning the defenses at the higher education and primary school system levels often find themselves being tested by threat actors taking advantage of the sector's inherent cyber...

Read More