The cost of hiring an outsourced cyber security company can start from as little as £500 per month, or £10,000 or higher for large companies. For global multi nationals, it wouldn’t be unreasonable to spend millions on cyber security and to protect yourself against an attack of data breach. Companies have the option to use ongoing monthly services to detect potential threats, or the opportunity to do one-off tests to check for vulnerabilities such as penetration testing or red teaming.

The global zero trust security market was valued at USD 19.2 billion in 2024 and is expected to grow at a CAGR of over 17.4% between 2025 and 2034, driven by rising cybersecurity threats. This explosive growth is a direct reflection of the fundamental change in how organizations think about security.

Food delivery giant DoorDash recently suffered a cybersecurity incident that compromised sensitive customer and merchant information. Known for delivering everything from burritos to bubble tea across the United States and beyond, DoorDash confirmed that unauthorized actors accessed parts of its system in a recent data breach.

A new phishing kit is impersonating the Italian IT and web services provider Aruba, according to researchers at Group-IB. The kit is designed to trick users into entering their Aruba credentials, granting attackers access to sensitive accounts. “Such a target offers significant payoff: compromising a single account can expose critical business assets, from hosted websites to domain controls and email environments,” Group-IB says.

The Governor’s Technology Office (GTO) of the State of Nevada recently released an “After Action Report” on the statewide ransomware attack that disrupted state systems for nearly one month in August 2025. The report details not only what happened but also the coordinated incident response from the GTO, vendors and law enforcement partners from local, state and federal agencies.

As enterprises scale their infrastructure across on-premises, hybrid and cloud environments, traditional Identity and Access Management (IAM) tools are struggling to keep up. Legacy Privileged Access Management (PAM) platforms were built to support static infrastructures and were not designed for today’s multi-cloud environments. They have been shown to increase complexity, create gaps in security coverage and cause significant budget strain.

Microsoft Foundry and Microsoft Copilot Studio have made it simple to build AI agents that automate workflows, access sensitive data, and integrate across critical business systems. However, agent democratization without control creates new security challenges. Further, as more agents are deployed across the organization, it means more agents that can access more data, invoke more tools (including MCP and A2A), and perform more actions. In other words, the potential attack surface is expanding.

Crowdsourced penetration testing promises broad coverage, flexible resourcing, and cost efficiency by tapping into a distributed pool of security testers. Trustwave, A LevelBlue Company, realizes that not every organization has the financial resources to partner with a security firm with dedicated penetration testing capabilities. At the same time, we want to make organizations aware of the many pitfalls in the crowdsourced pen-testing market and offer a few pointers on choosing the right vendors.