Cybersecurity works best when it works together. This is the philosophy behind the announced merger agreement between Cybereason and Trustwave. The companies' leadership realizes the cyber threat landscape is more dangerous than ever. Threat actors, be they individuals, cybercriminal gangs, or nation-states, are attacking more frequently using complex and sophisticated methods. Entities are demanding better solutions to keep them safe. Cybereason Chairman and CEO Eric Gan summarized the strategy behind the two companies coming together. "As the cybersecurity landscape continues to evolve, organizations are seeking more comprehensive solutions that integrate technology, services, AI, and human-led expertise to keep threat actors from causing harm."
The consolidation is to be completed in early 2025, following the customary conditions and regulatory approvals. The two companies will function independently but are committed to creating value-added capabilities to provide expansive and integrated solutions.
Unique Value Propositions
This marriage is possible because the companies' strongest capabilities are complementary. One has strong service offerings and the other a strong set of endpoint security products. Specifically, Trustwave offers a wide range of Managed Security Services, including Managed Detection and Response (MDR), penetration testing, Managed SIEM, Threat Hunting, and Digital Forensics & Incident Response (DRIR). Cybereason's AI-powered Defense Platform uses one agent, one console, and one team to defend all endpoints against malicious operations (MalOp). Some individual products include Next-Generation Anti-Virus (NGAV) and advanced Endpoint Detection and Response (EDR).
In areas where the two entities overlap, they will work to reinforce their collective capabilities. This will be most pronounced in threat intelligence creation and sharing, as well as across MDR and DFIR, and in the services designed to improve customer Security Operations Center activities. Organizations are looking for help to address the vastly increasing threats and to address a cybersecurity skills gap.
Successful cybersecurity activities require strong threat intelligence. Both Trustwave’s SpiderLabs and Cybereason’s Nocturnus teams of threat analysts investigate and uncover emerging threats and malicious operations.
“Our combined resources in threat intelligence from Trustwave SpiderLabs and Cybereason researchers will deliver cutting-edge research on global threat actors," Trustwave CEO Eric Harmon wrote in a blog post. "This in-depth knowledge and situational awareness, embedded in our offerings, will empower us to better detect, isolate, and contain threats, providing unmatched protection for our clients.”
Layered Defense
Threat actors use all avenues available to them to attack a network. To stop them requires layers of defense. There are numerous security products that form the layers, but including integrated managed services allows for proactive threat detection and response. Being proactive in one’s cyber defense now includes OffSec, or Offensive Security, which uses the same tactics malicious actors deploy to uncover weaknesses that could be exploited. OffSec activities include risk assessments, penetration testing, red teaming, threat hunting, and incident readiness.
Combining Cybereason’s defensive capabilities with Trustwave’s offensive security offerings can provide customers with comprehensive layers of security that will improve overall cyber resilience.
Future-Proofing Security
Threat actors are aggressive, and they are dedicated to their craft. They are utilizing artificial intelligence (AI) to increase cyber-attack speed, scale, and automation. Defenders need to future-proof security by using similar tools. The joined companies are committed to investing in developing and utilizing purpose-built AI to detect and respond to events with improved cyber efficacy with greater speed and accuracy, according to the Cybereason press release on the announcement.
The merger will allow organizations of all sizes to address various types of threats. The combination of comprehensive cybersecurity products and services, with a unified platform, can reduce the complexity associated with a disjointed combination of solutions from multiple vendors. The combination of these security elements can provide security teams with improved visibility and deeper insights into the threat landscape, allowing for the deployment of proactive defenses.
The industry appears to be realizing that there needs to be greater collaboration between product and service vendors. “Organizations would like to reduce the number of security companies they interact with. They are looking for a partner, not just a vendor who they can work with using both products and service to address a full range of security pain points.”, said Pete Lindstrom, Cybersecurity Director at Taxwell. The Sophos announced purchase of Secureworks is another example of product/service synergy.
Enhancing Cyber Resilience
The mutually reinforcing portfolio across Cybereason and Trustwave offerings can provide a complete, layered, and unified ecosystem of defensive and offensive solutions. Investing in AI-driven security solutions that leverage threat intelligence and incorporate direct human experience can strengthen cyber resilience through a layered, unified cybersecurity approach. Organizations need to be proactive in their cybersecurity strategy. Given the importance of cybersecurity to business operations, CISOs need to consider how they can deploy holistic offerings that allow for the unification of products and services.
