Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Data Privacy Day: Best Practices Organizations Should Know

Today is Data Privacy Day – a day set aside to help encourage organizations and individuals to appreciate the critical importance of privacy and data protection practices. Observed in almost 50 countries around the world, the event began in 2007 in the European Union, and was recognized by the United States Congress in 2009.

As recent high profile breaches like the FireEye/SolarWinds Orion compromise and the discovery of massive database of U.S. voter information for sale on criminal forums have shown, our data is increasingly at risk. For organizations of all kinds, keeping data safe will be ever more vital, not only from a risk and compliance point of view, but also through the paradigm of enhancing business success. As consumers become more concerned with how their data is being handled, they will also vote with their wallets and become more loyal to companies with strong data protection policies and track records of handling data safely.

 


RESEARCH REPORT

2020 Trustwave Data Security Index

The 2020 Trustwave Data Security Index report depicts how technology trends, compromise risks and regulations are shaping how organizations’ data is stored and protected. The report is based on a recent survey of 966 full-time IT professionals who are cybersecurity decision makers or security influencers within their organizations. Over 75% of respondents work in organizations with over 500 employees in key geographic regions including the United States, United Kingdom, Australia and Singapore.

 


Given the stakes, what should organizations do to help keep data private and risks properly mitigated? Listed below are a few best practices, with links to resources that can help you learn more about this vital subject matter. In addition, the National Cybersecurity Alliance offers a wealth of information on this important subject, and Trustwave has services and solutions that can help your organization with data privacy needs.

Emphasize employee education. Protecting data starts with empowering your employees, so that they know how to practice good security hygiene and how to protect themselves (and your business) from the most common cyber-attacks, like phishing, business email compromise and other exploits that specifically target the human element. It’s also important to note that Security Awareness Education training and policies are mandatory for most organizations for compliance reasons. Dive deeper into this subject with this blog post on CISO data solutions, this infographic on essential cybersecurity tips, and this data sheet on cybersecurity education.  

Map out your data storage. Modern organizations, especially enterprise level organizations, are dealing with ever growing data sprawl. As the 2020 Trustwave Data Security Index showed, most organizations are moving their data into a hybrid cloud/on-premises storage model, with multiple cloud providers. A special concern exists for organizations that either have or will go through a merger or acquisition, as legacy data concerns frequently occur. Learn more about data risk mitigation, the risks of hosting data in the cloud, and check out this infographic which shows the 5 ways attackers will try to get to your data.

Recognize the hidden weaknesses. Most organizations don’t realize that partners and vendors typically have no responsibility for protecting your data. A common misconception is that cloud providers share liability for data protection: they do not. Even the major providers, like Google, Azure and AWS, have no responsibility in the case of a breach – and a common vulnerability that Trustwave SpiderLabs researchers often uncover is from organizations relying on default cloud server settings. Another all-too common hidden vulnerability results from sloppy or slow database patching practices. Learn more about how to recognize your data weak spots with this webinar on patching practices and this infographic on testing your data security.

Remember that less is more. Since every piece of data you collect adds to your potential risk, the simplest way to mitigate that risk is to only collect data that you absolutely need. Many organizations are also beginning to consider when it’s appropriate to actually destroy unnecessary data – which is also a consideration in certain compliance situations. Additionally, organizations should always adhere to the principle of least privilege, so employees only access the data they need to perform their jobs. Regularly reviewing user privileges is also vital. Dig deeper into this topic with this interview on the changes occurring in data security.

Of course, one of the most important strategies for protecting data is having a program in place to detect and respond to breaches – which is why so many organizations are turning to managed threat detection and response solutions. Remember, for most of us it’s not a question of if we’ll get breached but when… and how ready we’ll be to respond.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo