This is Part 10 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here. Identity protection is one of the most important topics in cybersecurity. It is often complex in its configuration and operation. Over 80 percent of all security incidents result from poor identity access controls. Consider the following recommendations when developing a comprehensive Identity Management strategy.

An offensive security strategy is a sophisticated and dynamic approach that extends beyond mere testing. It's a comprehensive plan that aligns with an organization's core mission, transforming security from a passive shield to an active spearhead. After all, in any fight, a combatant can only block punches for so long before striking back.

If the UK is serious about digitizing the economy, then cybersecurity is priority number one and the first step should be to take a hard look at the UK Government's recently released draft code of practice for cybersecurity governance. Whilst governments around the globe have been kicking around the metaphorical can of AI regulation, something has been going on in the background: something tangible, incredibly dangerous, and increasingly more frequent: cybercrime.

This is Part 9 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here. In the movie The Matrix, The Key Maker controlled access to many locations and resources with the goal of preventing malicious code from destroying sensitive information. In a rare life-imitates-art situation, organizations today face the same challenge as they work to protect operational processes and corporate information.

Offensive security has become a cornerstone strategy for organizations aiming to fortify their defenses against cyber threats. However, before one creates a suitably developed offensive security program, an organization must ensure it is properly scoped. This will ensure the final product is effective, efficient, and aligned with the organization's overall security objectives. Here's a guide to help organizations understand and implement a well-scoped offensive security program.

Ransomware-as-a-service (RaaS) threat groups are placing severe and continuous pressure on the financial and government services sectors in Latin America, according to data compiled by the elite Trustwave SpiderLabs team. RaaS is where developers working for threat actors manage and update the malware while affiliates carry out the actual ransomware attacks.

Trustwave MailMarshal solidified its leadership position in the email security space, being named a Trail Blazer by the analyst firm Radicati Group in its Secure Email Market Quadrant 2024 report. Radicati highlighted MailMarshal’s product features, multiple solutions available, and a long list of strengths as primary reasons why Trustwave earned Trail Blazer status.

Trustwave is partnering with Telarus, a leading technology services distributor (TSD), which will allow it to leverage Trustwave’s comprehensive offensive and defensive cybersecurity portfolio and give Trustwave a direct line to Telarus' vast network of technology advisors.

Know your enemy – inside and out. External Attack Surface Management tools are an effective way to understand externally facing threats and help plan cyber defenses accordingly. Let’s discuss what EASM is, how to use it, and what other pieces are involved to help one see through the fog of war that is your external network security posture.

This is Part 8 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here. If your organization has computers, and I’m sure it does, then it's likely it has an Endpoint Detection and Response (EDR) solution installed. Since the capabilities of EDR solutions have changed over the years, it’s recommended to re-evaluate the solution’s features periodically to ensure it is up to date.