5 Ways CISOs Can Leverage the Power of Trustwave Security Colony
Home improvement stores like Home Depot and Lowes are the lifeline for a lot of contractors looking to build or fortify houses and buildings. Inside a typical store, you can find the essential tools and materials required to fix a broken pipe, install a better lock on the front door, or build a foundation for a new expansion.
Trustwave Security Colony is a CISO's cybersecurity posture improvement store.
Security Colony is a powerful self-service resource for CISOs. For example, a CISO who is looking to improve their organization's incident response capability can log in and find an updated ransomware playbook the organization can use, customize if needed, and implement. Is your organization concerned about mitigating insider risk? If so, Security Colony has simulation exercise frameworks available for download.
There are also times when a Security Colony visitor realizes that the task at hand is beyond its capability to implement. In this case, a CISO can ask for help and we will refer them to the right world-class security expert at Trustwave.
Check out the best components of Trustwave Security Colony and why CISOs around the globe recognize it as an essential battle-tested resource for improving cybersecurity resilience.
1. Resource and Video Library
At its core, Security Colony is essentially a massive and diverse repository of cybersecurity content collated into easy-to-navigate categories.
The Security Colony Resource Library contains 17 categories covering almost 400 topics. Trustwave has created all the documentation based on actual work we've conducted for organizations which we then make available to our subscribers. There are then two paths a subscriber can take. The first is to use the information for their edification. The second is to alter the content to create their own action plan knowing that Trustwave used the information stored on Security Colony to help another entity with a similar problem.
The Security Colony team updates the resource library with new content on a weekly basis.
Security Colony's Video Library contains a wealth of information for folks looking for an introductory lesson on a particular topic, say phishing or identifying an insecure WiFi connection. Senior Trustwave consultants present the videos.
Other videos featured tutorials on how to get the most out of a Security Colony subscription with instructions on navigating the site and using the various security tools which subscribers can access.
2. Maturity Assessment
The Security Colony Maturity Assessment is a self-paced tool that will measure if an organization's security can defeat today's cyber threats. The threat assessment analyzes your industry and the nature and size of your business. It uses NIST Cyber Security Framework to assess your ability to identify, protect, detect, respond and recover appropriately to maintain a suitable level of security.
Areas covered include:
- Threat and Maturity Assessment and recommendations for prioritized focus on areas of weakness.
- Use the documents and score to justify the budgets for your next important security projects.
- Show your internal and external stakeholders how your security program is progressing.
3. Public and Private Forums
Security Colony maintains two types of forums. A public version for those who hold only a basic subscription service where you can ask Security Colony's cybersecurity consultants for advice and support.
A private forum is also available. It operates in the same manner as the public version but a subscriber can ask questions that may be too sensitive to talk about publicly. The private forum, however, is only available to paying subscribers.
4. Vendor Risk
Supply chain attacks are becoming a common occurrence, so it's imperative that an organization understand the risk imposed by their vendors. Security Colony uses a range of free, open-source, and commercial tools to complete over 20 distinct checks against a company's online footprint, packaging this analysis in an easy-to-use interface detailing the identified risks and providing an overall risk score and grade for the assessed organization.
These include:
- Assessing the organization for historical (or current) malicious activity.
- Assessing security misconfigurations and vulnerabilities related to server configuration.
- Assessing security misconfigurations and vulnerabilities related to e-mail system configuration.
5. Breach Monitor
The Breach Monitor lets you know when and if your domains and related entities have become a topic of conversation on the dark web. The tool allows you to create a set group of searches that will run daily against public and private breach and ransomware sources. If a breach is discovered, Trustwave will issue a notification and point to the public and dark web data sources for occurrences.
The Security Colony Value
Essentially, those who join Security Colony receive millions of dollars' worth of consulting work for around $5,000 a year, depending upon the chosen subscription level. It's almost easier to spend more on tea and coffee in a year than for a subscription to Security Colony. It's the best value that allows you to keep up to date with what's going on and what you need in security.
The best part is one doesn't have to spend any money. Trustwave offers a great deal of content free.
Simple Subscription Pricing
Security Colony is the CISO’s best friend, an arsenal of potent, actionable, best practice knowledge at your finger tips starting at less than $10 a day, and a simple no-fuss pricing model.
| Free | Startup | Core | Enterprise | |
|---|---|---|---|---|
| Cost (charged annually, plus tax) |
$0 | $150 / month | $450 / month | $1,750 / month |
| Users | single user | single user | five users | ten users |
| Resource Library | 60+ free resources | 180+ resources | 300+ resources | 360+ resources |
| Video Library | 18 free educational videos | + premium educational videos | + premium educational videos | + premium educational videos |
| Vendor Risk | A single assessment for your email domain | Assessment of your email domain, continually re-evaluated (more available with in app purchase) |
+ 10 vendor slots (more available with in app purchase) |
+ 100 vendor slots (more available with in app purchase) |
| Maturity Assessment | A single assessment (high level reporting) | Get 4 assessments per year | Get 12 assessments per year | Unlimited assessments |
| Breach Monitor | - | Full Monitoring | Full Monitoring | Full Monitoring (curated) |
| Security Forums | Public | Public | Public & Private Forums | Public & Private Forums |
| Included Consulting | - | - | 2 document reviews annually | 12 document reviews annually |
