The most popular Trustwave blog posts in 2023 were a roadmap of what concerned our readers during the year. Top of mind was learning how to develop a strong cyber defense and there was a great deal of interest in Trustwave SpiderLabs’ threat intelligence reports facing the healthcare, financial, retail, manufacturing, and hospitality industries.

1. Focus on these 3 Areas to Develop a Strong Cybersecurity Posture With Fewer Resources

Not every organization's security apparatus is built or funded at the same level. For smaller organizations or those with other needs competing for budget, here are some points that show it's possible to do more with less. To drive meaningful progress and ensure a robust security posture, it's the C-suite and the board must collaborate and focus on three key areas: coverage, consolidation, and assurance.

2. 10 Dynamic Principles for Crafting a Robust Database Security Strategy

The digital world relies on data, which because of its considerable value, is constantly targeted by skilled cybercriminals who have spent years developing methods and tools to gain access to even the most secure databases.

Determining and establishing the appropriate policies, roles, accountability, workflow, mitigations, reporting, and ongoing management will set all stakeholders on a course to achieve your program goals.

3. The 2023 Retail Services Sector Threat Landscape

Trustwave SpiderLabs analyzed the threat actors active in attacking the retail sector, including Royal, Bian Lian, LockBit, Clop, BlackCat, Play, 8BASE, and RasomedVC. These groups have a deep arsenal of well-tried hacking tools at their disposal to gain access, move laterally inside their target, and then exfiltrate data. The most prevalent tactics are email-borne malware, phishing, BEC, and vulnerability exploitation, among others.

4. The 2023 Financial Services Sector Threat Landscape

Cyberattacks striking the financial services industry are more prevalent, dangerous, and hitting faster than ever.

5. Trustwave and Trellix Enter into a Strategic Managed Detection and Response Partnership

Trustwave and Trellix have entered a strategic partnership that will see the two premier cybersecurity companies deliver best-in-class Managed Detection and Response (MDR) solutions to enterprise-class organizations.

The partnership will begin with Trustwave's innovative MDR services on Trellix EDR products, which will result in these clients receiving unrivaled threat visibility and the ability to detect and respond to threats faster and more precisely.

6. Trustwave SpiderLabs: LockBit 3.0 Ransomware Most Common Malware Used to Attack the Manufacturing Sector

One piece of data Trustwave SpiderLabs uncovered in its research that stands out is that Lockbit 3.0 is the predominant ransomware strain used to attack manufacturers, being used in 36% of all such attacks.

7. Tabletop Exercises: The Key to Recovering From a Devastating Cyberattack

The exploitation of the CitrixBleed vulnerability in Netscale by a variety of ransomware groups has led to a widespread disruption of services across several industry sectors, including financial services, healthcare and real estate. These organizations could have avoided this situation if they had taken the time to conduct tabletop exercises. While these exercises would not reveal any specific vulnerabilities, they would have given each firm hands-on practice to react properly when confronted with a worst-case scenario.

8. How Trustwave Can Assist Tribal Governments Applying for $18 Million in DHS Cybersecurity Grants

Tribal governments are among the most underserved organizations in the US when it comes to cybersecurity preparation, with threat actors striking multiple tribes with a variety of cyberattacks.

To help alleviate this issue, the 2023 Department of Homeland Security (DHS) has created the Tribal Cybersecurity Grant Program (TCGP), this $18.2 million is designed to distribute money to tribal authorities enabling them to boost the cybersecurity and resilience of tribally owned or operated information systems.

9. Trustwave’s Observations on the Recent Cyberattack on Aliquippa Water Treatment Plant

The attack last week on the Municipal Water Authority in Aliquippa, Penn., that gave threat actors access to a portion of the facility’s pumping equipment has spurred the Cybersecurity & Infrastructure Security Agency (CISA)and WaterISAC to each issue incident reports and raised multiple questions regarding the site’s security and potential danger to similar plants.

Trustwave has deep insight into properly protecting operational technology (OT) and critical infrastructure, which we will discuss shortly, but first let’s take a look at what took place.

10. SEC: Public Companies Must Disclose Material Cybersecurity Incidents Within 4 Days

The US Securities and Exchange Commission (SEC) adopted new rules for cybersecurity risk management, strategy, governance, and incident disclosure by public companies on July 26, requiring public companies to disclose material cybersecurity incidents within four days of an attack. Additionally, registrants must annually report their process, if any, for assessing, identifying, and managing material risks from cybersecurity threats.

Latest Trustwave Blogs