The Gately Report: Trustwave Partners Get Help Starting Cybersecurity Journeys
Plus, a new advisory addresses challenges faced when defending against DDoS attacks.
![Trustwave partners get cybersecurity help Trustwave partners get cybersecurity help](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltc2b806593c236bb9/65da0113c068cb040adbdb53/Cybersecurity_Shield.jpg?width=700&auto=webp&quality=80&disable=upscale)
Monster Ztudio/Shutterstock
Channel Futures: You have a long history in the channel, with Lumen Technologies/CenturyLink/Level 3 Communications and more, but this was your entry into cybersecurity. What from your history did you bring to this role?
Garrett Gee: When I wanted to get back into the game, where did I want to go? I specifically chose to look into security because I felt where security is on that maturity curve, it's growing and it's only going to grow more, unfortunately, with what we see day in and day out. What I think I bring to Trustwave is all that knowledge over the last couple of decades and relationships. The ability for us to sign two new TSDs rapidly and now a third, that doesn't happen without existing relationships. So I've brought the knowledge that I had from the channel over the last couple of decades to Trustwave. We've built up a lot of processes and procedures that we think is a competitive advantage in the security space.
CF: How can Trustwave help partners protect themselves and their customers from ransomware, data breaches, etc.?
GG: The way I like to look at our business is we have three different components. We have a consulting portion, we have a managed services portion and then we have a few software products. So to answer your question, just doing a security maturity assessment for either the partner themselves or the end-user customer, where they are vulnerable, that's more of a consulting-type exercise.
Another thing that's really prominent right now is ransomware readiness. We hear all about ransomware attacks right now. One of our partners uses our incident response services, so if they ever get breached, we have a playbook already in place on how we're going to execute against that actual breach. That's one of those services that we provide that's part of the consulting arm. And then when you get into a defensive type service wrapper, we start talking about managed detection and response (MDR) services, and co-managed security operations centers (SOCs), so helping customers manage their environment because a lot of those tools are quite complex.
CF: AI is really big in cybersecurity. How is Trustwave making use of AI?
GG: We are part of the Copilot [early access program] with Microsoft both on the partner and customer side. So we're engaged with Microsoft in regards to that partnership as it relates to AI integration. It's certainly integrated into our back office as it relates to how the actual integration is done into our Fusion platform.
CF: What sort of feedback are you receiving from partners?
GG: Feedback's been great. We've had some partners that have had 100% year-over-year growth in the last year. I think a lot of partners that were thinking about security are now finally leaning in. A good example would be going from frame relay or asynchronous transfer mode (ATM) to MPLS. It was scary to partners a decade ago and now partners realize that they need to make that pivot, and start talking about the endpoint and securing the endpoint, not just about deploying actual network infrastructure. So we're getting a lot of really great feedback from the partner community.
CF: Ease of use is really big in the channel. Tell me about ease of use with Trustwave and its partners, particularly those just starting out in cybersecurity.
GG: We’re a pure-play MSSP, which allows us to really focus and become masters at that craft. So on the ease-of-use side, we have a very easy-to-use portal that allows deal registration. As soon as your deal registration is confirmed, you will get swarmed with personnel helping you with that customer journey. So we'll help you with all the customer presentations, quoting, etc. So what we found is we're getting a lot of accolades from our actual partners about the way that they're treated during the sales process.
CF: Is the current threat landscape shaping Trustwave’s business, product and channel strategies?
GG: One big bet that we've made is we have a very strong relationship with Microsoft. We see more and more customers looking to their security solutions, both Defender and Sentinel, and we've crafted strategies around that. So if customers are looking to engage in a managed service with Trustwave leveraging Microsoft tools, we have workshops where we can actually bring customers in. It's a multi-week process free to the customer, where we can actually tune those tools to really help them monetize the things that they've already bought. So that's just one example. But as the threat landscape continues to evolve, phishing attacks are becoming more sophisticated, so we have an email gateway product to protect against that. So yes, absolutely, our SpiderLabs team and our research teams are always evaluating everything going on from a threat landscape perspective and making sure that we're staying up to par so we can provide the products and services that customers need.
CF: Say I’m a partner just starting my cybersecurity journey. Why Trustwave as opposed to one of your competitors?
GG: I honestly believe that our people are as good as anybody in the industry. We have a proven track record. Trustwave is not a new entrant. When you can do this for two-decades plus, you're obviously a proven entity. And if you look at the analyst reports, we have a very strong presence and accolades from many of them about our managed security and consulting practices.
CF: What do you find most surprising and disturbing about the current threat landscape?
GG: I was in networking for the last couple of decades and as soon as I moved into security, I changed my LinkedIn profile, and it feels like the attacks to me personally have changed. What we're seeing is an elevated, more sophisticated amount of attacks coming in through email. And one of the reasons why we have an email gateway software product is because a high percentage of attacks still come in through malicious emails. So I think that's one of the things that we're seeing continue to evolve, what's happening with emails. And by the way, once they infiltrate the network, they're going after your databases. And that's why we have a vulnerability or a database scanning software as well.
CF: What’s ahead for you in this position? What can partners expect in the months ahead?
GG: We've got a lot of great marketing enablement programs that we're doing for partners. So if they want to lean in with Trustwave, we can actually look at their customer base, we can put it into verticals, we can run intent data to see where surging is happening within that domain so we can do very specific marketing campaigns, co-branded marketing campaigns with those partners. That has resonated really well. And then we’re continuing to double down on training. This is a journey, and we keep telling partners you don't have to know everything about security. You just need to know how to recognize an opportunity and ask a couple of upfront questions, and then we'll come in and support you. We have a channel-neutral model, which allows our direct team and our channel team to support customers with our engineers with no conflict. So it's a really safe place for partners to bring their opportunities.
In other cybersecurity news …
The Cybersecurity and Infrastructure Security Agency (CISA), FBI and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released an updated joint guide to address the specific needs and challenges faced by organizations in defending against distributed denial of service (DDoS) attacks.
DDoS attacks, where a multitude of compromised computers send a flood of traffic or requests to the target system to render it unavailable to its users, are difficult to trace and block, according to the joint advisory. This vector is commonly used by politically motivated attackers, including hacktivists and nation-state groups, with government websites often targeted.
The joint advisory highlights three main types of DDoS attacks public sector entities must be prepared for:
Volume-based attacks, which aim to consume the available bandwidth or system resources of the target by overwhelming it with a massive volume of traffic.
Protocol-based attacks, where the attackers focus on weak protocol implementations to degrade the target’s performance or cause it to malfunction.
Application layer-based attacks, which target vulnerabilities in specific applications or services running on the target system, consuming its processing power or causing it to malfunction
However, the categories are not mutually exclusive, and malicious hackers can combine multiple techniques to launch sophisticated DoS and DDoS attacks. Furthermore, new attack methods and variations constantly emerge as malicious actors adapt and evolve their tactics, techniques and procedures (TTPs).
Ken Dunham, cyber threat director at Qualys Threat Research Unit, said DDoS attacks have proven to be the most effective by bad actors for payouts and disruption when timed against a target's primary business needs.
“For example, targeting a gambling institution just prior to a sporting event, which would make it more likely to pay out to make the DDoS attacks stop,” he said. “DDoS attack tactics have changed tremendously over the years with changes in technology. We’re seeing massive throughputs that are impossible to defend against unless you have specific DDoS countermeasures in place, proactively, starting at the edge of your border gateway. In keeping with the themes of the joint advisory, organizations would be wise to proactively identify actors, threats and TTPs specific to their organization to prioritize what might be more likely to hit and thus plan countermeasures more effectively.”
Darren Guccione, Keeper Security’s CEO and co-founder, said the latest joint advisory highlights the critical need for government entities to protect themselves against the persistent threat being presented by DDoS attacks.
![Keeper Security's Darren Guccione Keeper Security's Darren Guccione](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltb7ee2ff23778f991/6525c7b4df06b532a6259c46/Guccione-Darren_Keeper-Security.jpg?width=700&auto=webp&quality=80&disable=upscale)
Keeper Security's Darren Guccione
“Because DDoS attacks are relatively easy to execute, and can cause significant reputational and financial losses as a result of disrupting the target organization’s services, they are a prominent tool in bad actors’ arsenal,” he said. “While not every attack can be prevented, this advisory offers steps that can be taken to mitigate the damage caused by cybercriminals and minimize impacts on systems and operations.
The joint advisory emphasizes the importance of implementing network monitoring, regularly analyzing network traffic to have an established baseline and implementing captcha to differentiate between human users and bots, Guccione said.
“Additionally, organizations should consider developing a robust incident response plan, employing DDoS mitigation services, and evaluating and potentially increasing bandwidth capacity to effectively mitigate the impact of these attacks,” he said.
With the April 15 tax-filing deadline fast approaching, cybercriminals are ready to pounce on filers who let their guard down in the rush to finish.
Recent tax scams, as highlighted by the IRS and the FBI, continue to pose significant threats to taxpayers, exploiting various schemes to commit fraud and identity theft, according to Valimail. The IRS’s “Dirty Dozen” list for 2023 underscores the variety of scams taxpayers and tax professionals should be wary of, not only during the tax season but throughout the year.
Among these scams, the misuse of the Employee Retention Credit (ERC) has been notably aggressive, with scammers luring ineligible individuals with promises of significant refunds. Other popular cons are “professionals” offering to set up your IRS accounts (to steal your data), lying about fuel tax credits you can get, or fake charities exploiting your kindness to pocket donations. Other scammers try to bait people through phishing emails and texts, pretending you need to simply “update personal info” or something else seemingly non-nefarious.
Like always, it’s smart to keep your personal information safe, and be cautious of any surprise emails or calls pretending to be from the IRS or similar tax organizations. If you ever get questionable requests, check the IRS and/or FBI website for scam alerts to protect yourself, no matter how convincing the communication sounds.
The biggest vector for abuse happens when a bad actor can fraudulently use a business’ trusted emailing domain to send legitimate-seeming messages to their employees, partners or users, according to Valimail. Google and Yahoo have set new requirements that began taking effect in February, focusing on enhancing authentication and anti-spam measures for emails, to stop spam, phishing and fraud. These rules require emailers to secure their domains from fraudulent usage and apply to nearly every business that sends email to Gmail or Yahoo inboxes.
These rules, once fully in effect, should make it much harder for scammers to leverage trusted domains to defraud users. However, these changes won’t be fully implemented for this tax season. Google and Yahoo will gradually enforce these rules to give senders ample time to comply.
“As we navigate this tax season, I want to stress the importance of vigilance against the sophisticated phishing scams and identity theft attempts that are unfortunately all too common,” said Seth Blank, Valimail’s CTO. “We must, therefore, treat every communication with a level of distrust. This is especially true of anyone claiming to be from the IRS or a similar entity. I urge everyone to adopt a verify-first approach, ensuring the legitimacy of any tax-related correspondence before engaging. You are protecting not only your own organization’s personal information and financial integrity, but also that of your customers. This vigilance is not just a best practice anymore — it demonstrates an indisputable level of conscientiousness to the protection and privacy of your organization and its stakeholders.”
With the April 15 tax-filing deadline fast approaching, cybercriminals are ready to pounce on filers who let their guard down in the rush to finish.
Recent tax scams, as highlighted by the IRS and the FBI, continue to pose significant threats to taxpayers, exploiting various schemes to commit fraud and identity theft, according to Valimail. The IRS’s “Dirty Dozen” list for 2023 underscores the variety of scams taxpayers and tax professionals should be wary of, not only during the tax season but throughout the year.
Among these scams, the misuse of the Employee Retention Credit (ERC) has been notably aggressive, with scammers luring ineligible individuals with promises of significant refunds. Other popular cons are “professionals” offering to set up your IRS accounts (to steal your data), lying about fuel tax credits you can get, or fake charities exploiting your kindness to pocket donations. Other scammers try to bait people through phishing emails and texts, pretending you need to simply “update personal info” or something else seemingly non-nefarious.
Like always, it’s smart to keep your personal information safe, and be cautious of any surprise emails or calls pretending to be from the IRS or similar tax organizations. If you ever get questionable requests, check the IRS and/or FBI website for scam alerts to protect yourself, no matter how convincing the communication sounds.
The biggest vector for abuse happens when a bad actor can fraudulently use a business’ trusted emailing domain to send legitimate-seeming messages to their employees, partners or users, according to Valimail. Google and Yahoo have set new requirements that began taking effect in February, focusing on enhancing authentication and anti-spam measures for emails, to stop spam, phishing and fraud. These rules require emailers to secure their domains from fraudulent usage and apply to nearly every business that sends email to Gmail or Yahoo inboxes.
These rules, once fully in effect, should make it much harder for scammers to leverage trusted domains to defraud users. However, these changes won’t be fully implemented for this tax season. Google and Yahoo will gradually enforce these rules to give senders ample time to comply.
“As we navigate this tax season, I want to stress the importance of vigilance against the sophisticated phishing scams and identity theft attempts that are unfortunately all too common,” said Seth Blank, Valimail’s CTO. “We must, therefore, treat every communication with a level of distrust. This is especially true of anyone claiming to be from the IRS or a similar entity. I urge everyone to adopt a verify-first approach, ensuring the legitimacy of any tax-related correspondence before engaging. You are protecting not only your own organization’s personal information and financial integrity, but also that of your customers. This vigilance is not just a best practice anymore — it demonstrates an indisputable level of conscientiousness to the protection and privacy of your organization and its stakeholders.”
Trustwave partners are getting help in starting their cybersecurity journeys as their customers face increasing threats and need protection.
That’s according to Garrett Gee, Trustwave’s global vice president of indirect channels and alliances. He took the role in late 2022 and brought more than 20 years of industry experience.
In February, Trustwave announced its Trustwave MailMarshal, an email content security solution, is now available on the Microsoft Azure Marketplace, an online store for solutions that are built on or for Azure and intended for IT professionals and developers.
Gee has been focused on building up Trustwave’s channel program in the United States.
“In other parts of the globe, we have a pretty mature program,” he said. “So we've signed a couple of the nationwide [technology service distributors]. We've had a longstanding relationship with Avant, and we've got Intelisys and Bridgepointe Technologies, and we just signed Telarus, so we're delighted about that as well. That puts us in a position where we can get the scale that we want from the trusted advisor community here in the states.”
Marketing Programs to Help Trustwave Partners
Trustwave is working on training with its partner community because “we’re getting a lot of the people that have focused on selling network, cloud and infrastructure to pivot toward security,” Gee said.
“It can be a scary topic for them, so we've got a lot of marketing programs that we've put in place, depending on where you are on your security journey,” he said. “So if security is brand-new and you have not asked any of your customers what their security posture is, we have a track where you can enter and you can start basically at a 101 type security training. If you're very sophisticated and you're already selling endpoint detection and response (EDR) and security information and event management (SIEM), etc., you come in and we talk about the differentiators that Trustwave has.”
![Trustwave's Garrett Gee Trustwave's Garrett Gee](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltc90a383322f55f5b/65fdf796b91881040a5e3fa3/Gee_Garrett_Trustwave_2024.jpg?width=700&auto=webp&quality=80&disable=upscale)
Trustwave's Garrett Gee
Many Trustwave partners just starting with cybersecurity have sold UCaaS, specialized in MPLS, and offered data center and cloud solutions, Gee said.
“What we're seeing is a lot of those mature partners in what I'll call the network space are looking at what's going on with their business, and where the products and services that they've been selling for the last decade or two are on the maturity curve, and a lot of them are starting to decline,” he said. “Or they're commoditized now. And so they're looking at what's the next big thing and security is one of them. Security is all over the news each and every day. So a lot of the cutting-edge partners are now leaning in. They want to learn more. How do I start introducing a security conversation into my embedded customers or for new logo pursuits as well?”
Scroll through our slideshow above for more from Trustwave and more cybersecurity news.
About the Author(s)
You May Also Like