
Managing Risk Appetite: Balancing Cybersecurity and Business Growth
Determining, dealing with, and accepting a certain level of risk will always be a top priority for the members of any C-Suite.

Final Cybersecurity Awareness Month Thoughts: Don't Get Hooked By a Phishing Email
We close out Cybersecurity Awareness Month for 2023 with a few final points that show that a company's security is a team sport, one in which everyone must participate.

How a Database Risk Assessment Reduces the Risk of a Cyberattack
Database security often, and to an organization's detriment, falls between the cracks as security and IT teams scramble to stay on top of daily cyber hygiene tasks and deal with..

Strong Passwords and MFA: Two Easy Fixes to Enhance Your Cybersecurity Posture
As 2023 Cybersecurity Awareness Month continues, let's look at a couple of the areas the Cybersecurity and Infrastructure Security Agency (CISA) and National Cybersecurity..

Focus on these 3 Areas to Develop a Strong Cybersecurity Posture With Fewer Resources
Not every organization's security apparatus is built or funded at the same level. For smaller organizations or those with other needs competing for budget, here are some points..

10 Dynamic Principles for Crafting a Robust Database Security Strategy
The digital world relies on data, which because of its considerable value, is constantly targeted by skilled cybercriminals who have spent years developing methods and tools to..

The Beauty of a Red Team Exercise: When One Discovery Leads to Potentially Saving Lives
What started out as a standard Red Team test designed to check the security capabilities of several Australian hospitals, led to a chain of events that eventually uncovered..

How Trustwave Uses Enterprise Penetration Testing to Fortify a Client's Defensive Posture
Anyone who has played a Tower Defense-style game, (Plants Vs. Zombies being a favourite) knows the only way to hold off the hoard of brain-eating zombies is to know your..

Maximising Your Microsoft Security Environment
If you're a Microsoft-focused organization you may be able to leverage the technology you already have to become more secure.

9 Steps to Protect Against the Next MOVEit/MFT Attack
By now, the facts of the recent MOVEit breach are well known (although the victim total keeps climbing), but it never hurts to be reminded that these attacks do not take place in..

How to Build a More Secure and Resilient Supply Chain
For threat actors looking to create widespread damage, attacking a third-party supplier with services and software that organizations can’t always control the security measures..

Attack Surface Management: Challenges, Myths, and Solutions
In the modern era of interconnectedness and digitalization, the risk of cyber threats has increased in complexity and persistence. Organizations must adopt a proactive and..

Stopping Threat Actors from Gaining Initial Access
The recent Trustwave SpiderLabs report, Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape, offers a detailed look at the typical..

Offensive Security and the Misconceptions Surrounding Enterprise Penetration Testing
The concept of Offensive Security is often misunderstood by clients who often confuse it with penetration testing, but these two solutions, while both vital, are in fact quite..

Recruiting and Retaining Women Talent in Cyber Amidst the Cyber Shortage
With more than 2.5 million cybersecurity positions unfilled globally, the cybersecurity field is facing a severe shortage of talent, with an increasing demand for skilled..

Safeguarding Patients' Personal Health Information: 7 Steps to Achieving HIPAA Compliance with Trustwave DbProtect
The Health Insurance Portability and Accountability Act, best known as HIPAA, is one of the most well-known healthcare privacy laws in the United States. The primary objective of..

Part 2: Preparing the Board of Directors for the SEC's Upcoming Cybersecurity Compliance Regulations
In March 2022, the U.S. Securities and Exchange Commission (SEC) issued a proposed rule, the Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, that, if..

Preparing the Board of Directors for the SEC’s Upcoming Cybersecurity Compliance Regulations
In March 2022, the U.S. Securities and Exchange Commission (SEC) issued a proposed rule, the Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, that, if..