Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

CISO Data Headaches – CISO Data Solutions

Unquestionably, the expectations on a CISO are becoming ever more formidable. There’s an increasing amount to worry about and, as we’ve seen, attacks are getting more sophisticated and complex. It’s been said that data represents the “crown jewels” of organizational assets, and that’s never been truer than in 2021.

As somebody who regularly speaks to CISOs across different industries, sectors and levels of cyber maturity, I’ve seen first-hand where the headaches exist and what causes these headaches. While all organizations are different and have different risks, finding solutions for those headaches is possible. Here’s what I recommend.   

Too Much Data = Too Many Vulnerabilities

While having too much data isn’t necessarily a problem, it can lead to a form of analysis paralysis. Data gives us the ability to measure and track progress, but it shouldn’t prevent us from making inroads.

Vulnerability scans, penetration testing, threat hunts, expanding attack surfaces, multi-cloud environments, insecure APIs and the like can all produce oodles of security issues and data, and these security issues can compound over time and leave an organization vulnerable to attack.

Vendors will try and sell a solution that fixes all your problems in one go, the reality is that there is no such thing as a security silver bullet. Achieving security maturity is done by people, process and technology all working together to increase the internal cyber culture.

An example of this is when a user selects a “strong” password from the get-go, this decision was the product of good security culture and involved people, process and technology. This one event does not make an organization secure, it’s the compounding effect of hundreds of daily decisions that help increase cyber maturity.

Context is Key

Deciding what to fix and when to fix it is critical. While the security provider may well understand what your environment / application looks like, they may have some difficulty adding the appropriate level of context onto the issues.

Unfortunately, and unlike taking a headache tablet, there is no one solution to this problem. Fortunately, there are solutions that can be applied to increase cyber maturity for all organizations:

Concentrate on the Basics: It almost always comes down to the basics of information security. All too often we see organizations fail at the basics (patching, passwords and policy). We know that security at an enterprise level is difficult, nuanced and multifaceted. Ensuring that hosts and devices are not un-patched, that robust password management is in place and that security cannot be circumvented by weak policy is critical in ensuring cyber maturity.

Prioritize Key Systems and Hosts: Not all hosts are created equally, some are more important to a business than others. Where are the crown jewels and are they secured and hardened to a level that is acceptable? Are these systems externally facing or are they internal hosts? These are some of the questions that need to be asked, once this is decided, appropriate hardening can take place. It’s important to identify here that while the protection of key systems is important, it’s also key to harden any adjoining environments. This analysis should be done by a penetration tester.

Speak to your Security Provider: More often than not, the security provider will understand your environment as well as you do… consult them when you plan to make impactful security decisions or impactful decisions to your overall IT environment.  If they’ve recommended a fix for an issue and it isn’t practical for your organization, what other controls can be implemented to minimize risk to that asset?


17230_2020-data-security-cover
RESEARCH REPORT

2020 Trustwave Data Security Index

The 2020 Trustwave Data Security Index report depicts how technology trends, compromise risks and regulations are shaping how organizations’ data is stored and protected. The report is based on a recent survey of 966 full-time IT professionals who are cybersecurity decision makers or security influencers within their organizations. Over 75% of respondents work in organizations with over 500 employees in key geographic regions including the United States, United Kingdom, Australia and Singapore.

About the Author

Ed Williams is VP, SpiderLabs at Trustwave, with over 10 years of experience directly focused on penetration testing and consultancy for Government and private sector organizations. Follow Ed on LinkedIn.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo