Trustwave has attained authorized status by the Federal Risk and Authorization Management Program (FedRAMP) for its Government Fusion platform. This announcement follows Trustwave being named last year as an official StateRAMP-authorized vendor. These achievements cap a multi-year journey through the FedRAMP process and make Trustwave the only pure-play Managed Detection and Response (MDR) provider recognized by FedRAMP.

There was once a famous advertising tagline used in TV commercials. "But wait, there's more!" This line was used to sell knives that could cut through a soda can and stay sharp enough to slice a tomato, but now there is a more up-to-date situation where the line is still applicable. "You bought Microsoft 365, great!

In a statistical report published in September 2024 by the Federal Bureau of Investigation (FBI), it was revealed that more than US$55 billion was lost to business email compromise (BEC) attacks between October 2013 and December 2023. This profitability drives attackers to further their techniques and adapt to security filters. BEC is a highly sophisticated and researched scam that aims to bait a specific type of employee or department in a company.

The Payment Card Industry Data Security Standard (PCI DSS) has long been recognized as the gold standard for payment security, establishing rigorous protocols for organizations that handle credit and debit card data. Designed to bolster defenses and minimize the risk of costly data breaches, PCI DSS is now poised for a major evolution. With the introduction of PCI DSS 4.0, new compliance requirements will become mandatory starting March 31, 2025.

The Financial Industry Regulatory Authority (FINRA) recently released the 2025 FINRA Annual Regulatory Oversight Report, which observed an increase in the variety, frequency, and sophistication of insider threats by threat groups.

As bad actors use artificial intelligence to step up their phishing game, mounting an effective defense means using a secure email gateway that likewise employs AI to detect even the most cleverly crafted phishing emails and the fraudulent websites to which the emails attempt to direct recipients. The concern is not just with generative AI (GenAI) tools like ChatGPT, which has some (rather limited) guardrails to prevent nefarious use.

When remote work became mandatory in the wake of the 2020 COVID pandemic, organizations had to quickly dispatch staffers to their homes with all the equipment, and services, they would need to do their jobs. However, as organizations ranging from the US government to JP Morgan Chase to Amazon, have all put out a call for their workers to return to the office, security issues will again become paramount.

For the sixth consecutive year, the leading channel publication CRN named Trustwave to its 2025 Managed Service Provider (MSP) 500 list in its Security 100 category. The Trustwave Global Channel Partner Program earned this honor by providing one of the industry's most extensive collections of security products and services. These offerings cater to enterprise requirements in threat detection and response, as well as vulnerability and risk management.

The recent UK Home Office proposal designed to hinder and disrupt ransomware operations through several proposed measures, including a targeted ban on ransomware payments, has again brought this question into the public square. The question of whether to pay a ransom demand is a decades-long argument with ardent opinions on both sides.

While Chief Information Security Officers (CISOs) know how crucial a consistent enterprise penetration testing program is to their cybersecurity program, convincing their fellow leaders and board members to invest in pen testing amid other budget demands can be challenging. The key is to speak to these leaders in terms they readily understand, focusing largely on risk.