Trustwave: A Managed Security Provider on the Front Lines of the Fight Against Damaging Data Breaches in Retail

TL; DR: Hackers routinely target vulnerable retailers of all sizes, stealing credit card data and other sensitive financial information in the process. Trustwave helps those businesses protect their data and mitigate risks through cloud and managed security services — and by enlisting a team of cybersecurity experts. The company offers solutions for enterprise operations with complex networks as well as SMBs lacking the resources or expertise to manage their security. Trustwave’s SpiderLabs team of specialists and researchers provides a wealth of knowledge gained through real-world experience with cyber threats. At a time when data breaches can damage brands — and even threaten their viability — Trustwave is an established company trusted by more than 3 million businesses in 96 countries.

Shawn Kanady spends his days on the front lines of the retail industry’s battle against data hacks and security breaches. As a consultant with leading cybersecurity firm Trustwave, Shawn is part of an elite incident response team that serves as the boots on the ground when hackers access a retailer’s system to steal sensitive information.

Those types of breaches can generate unwelcome headlines, significantly harm a company’s brand image, lead to expensive investigations, and, in some cases, drive a retailer out of business.

Shawn is a Principal Consultant with Trustwave’s SpiderLabs, a team of experts who deal with cyberattacks on a daily basis and innovate ways to get — and keep — hackers out. Companies need that level of expertise, but often don’t get it, either because of limited resources or IT focus on other areas of their computer networks.

“We’re in the trenches every day, so we understand what the indicators of compromise look like,” Shawn said. “We know the vulnerabilities and methods that attackers are using, and we’re familiar with the latest malware because we see it every single day.”

For example, Shawn says hackers often target a retailer’s third-party support providers, vendors, or partners with remote access to systems for maintenance or equipment support. Those vendors frequently use the same password for all the merchants they work with, making them an easy target for the spread of malware.

Shawn suggests some common sense steps to curb that problem, including only authorizing remote access when necessary with multi-factor authentication, and not using default passwords on systems and devices.

Trustwave’s comprehensive approach to cyberattack prevention and response begins with its intimate knowledge of today’s digital landscape. In 2016 alone, Trustwave analyzed tens of millions of web transactions for malicious activity, evaluated tens of billions of email messages, and blocked millions of malicious websites.

Trustwave is deployed by more than 3 million companies in 96 countries because of that vigilance.

A high volume of customer credit card information paired with flawed security measures makes retailers a favorite target of hackers.

Trustwave’s annual security report shows that retail accounted for 22% of the thousands of security breaches the company responded to in 2016, the highest rate of any industry. And 63% of those retail breaches targeted payment card data.

Shawn said Trustwave has services customized to the needs of individual retailers — both large and small — to mitigate that risk.

“Small retailers are focused on running their businesses and don’t have the time — or often the expertise — to handle data security,” he said. “Many have no security infrastructure, or the bare minimum, and fall into the trap of believing the vendor who set up their point-of-sale equipment is also ensuring its security.

Trustwave innovates devices and strategies for those SMBs and manages them through its secure cloud platform, TrustKeeper. Along with physical cybersecurity devices at the retailer’s location, the platform also features threat detection, web gateway, email security, network access management, and encryption.

“Trustwave brings in and manages devices for companies that don’t have the budget to hire full-time employees with benefits to do that,” Shawn said.

In the case of enterprise retailers, Shawn said many of those operations have dedicated IT staff, but other responsibilities keep them from focusing on security.

“They’re building servers, getting stores set up, adding user accounts, and day-to-day network administration. They can’t manage security as they should,” he said. “We have a lot to offer those businesses because we can manage it day-to-day, 24/7. We have the people, processes, and technology to ease the security burden. In addition to our own patented technology, we also monitor and support more than 500 third-party products.”

Trustwave Enterprise View is designed for the sophisticated computer networks of larger retail corporations. A business intelligence dashboard tracks and analyzes the entire infrastructure to monitor the overall state of the system — or the individual parts.

“It’s customized to a client’s needs. We can manage devices or fill voids with additional devices and manage them. There are no cookie-cutter solutions that work for everybody,” Shawn said.

Another feature that sets Trustwave apart in the cybersecurity industry is its expert security team, SpiderLabs. The team includes testers, incident responders, friendly hackers, forensic investigators, malware reversers, and security researchers, all working to get inside the minds of hackers and help clients.

The team simulates attacks on computer systems in search of exploitable weaknesses and even uses reverse engineering to uncover details of a breach to see how a hacker entered the system.

SpiderLabs also moves quickly to contain the damage after a breach. The team can augment an existing IT security staff — or supplant it with managed detection and response.

“We’re right there on the spot. It’s almost as if you have a dedicated incident response team that’s on the ground immediately,” Shawn said.

The incident response team also trains clients on how to deal with incidents.

“We provide awareness to our customers, and it’s a good way for them to understand the risk and how to respond should something happen,” Shawn said. “We walk clients through their environments, show them the risks associated, and explain how to mitigate those risks.”

Data breaches and cyberattacks that expose consumer information are becoming more commonplace, as evidenced by headlines splashed all over the news. And those are just the incidents at well-known retailers that make the news, Shawn told us.

“We get calls daily,” he said.

For retailers, the consequences can be dire, with a public relations hit, loss of customer trust, and an expensive aftermath — particularly if an incident requires an investigation into compromised payment card information.

With the stakes so high, retailers must take steps to prevent an attack — and quickly respond if one occurs. Trustwave provides that protection with a dedicated staff focused on the fight against cyberattacks.

When breaches are detected internally instead of externally, say, by a bank or credit card company, the response rate is significantly faster — seven days compared to 60.

“You can’t always prevent a breach. But narrowing that detection-to-response window is what you want to focus on,” Shawn said. “That is the biggest key to protecting your brand.”