Trustwave Execs: ‘We’re Continuing To Invest In Specialized Capabilities’ In Cybersecurity

“We [are] large scale looking for -- I’ll call it the ‘unknown unknown breaches’ -- that are out there,’ says Eric Harmon, Trustwave CEO. ‘We develop over 1,000 proprietary use cases that are tied to that research that go into our MDR and our product offerings. We’re continuing to differentiate by finding things that others don’t and building capabilities to remediate faster than others do and more successfully.”

Whether it’s increased capabilities, education or investing in partnerships to increase cybersecurity offerings, Trustwave’s mission is to deliver best-in-class services to its customers.

On Tuesday, the Chicago-based cybersecurity and managed security services company entered into a strategic partnership with technology services distributor Telarus, which can now leverage Trustwave’s offensive and defensive cybersecurity portfolio, including managed detection and response, managed security services, cyber advisory, penetration testing, database security and email security offerings.

“We [are] large scale looking for—I’ll call it the ‘unknown unknown breaches’— that are out there,” Eric Harmon (pictured), Trustwave CEO, told CRN. “We develop over 1,000 proprietary use cases that are tied to that research that go into our MDR and our product offerings. We’re continuing to differentiate by finding things that others don’t and building capabilities to remediate faster than others do and more successfully.”

To double down on its cybersecurity expertise, Trustwave earlier this year was acquired by the MC² Security Fund, an affiliate of The Chertoff Group, an internationally recognized security and growth advisory and investment firm.

The acquisition enhanced Trustwave’s SpiderLabs team, which yields threat research and intelligence, and its Fusion Security Operations platform, which enables the company to meet the security needs of global enterprises.

“From my perspective, this just accelerates what we’re doing in the channel,” Garrett Gee, global vice president of indirect channels and alliances at Trustwave, told CRN. “Over the last year and a half or so, we’ve really invested a lot of time and energy in building out our channel strategy and we’re seeing a lot of momentum associated with that.”

CRN spoke with Harmon and Gee about the acquisition, how it brings a deeper focus on cybersecurity and how Trustwave is delivering best-in-class offerings to its customers.

How is being under MC² Security Fund helping further your company’s mission?

Harmon: These guys are true cyber professionals. This is all they do and there are several really strong components that this will help us with. They’re at the board level and government level with all the CFOs and CEOs on cyber strategy given their background with both governments and Fortune 500 internationally. However, that’s more of an advisory role for them. They’ve never really had the delivery capabilities that Trustwave has so it’s a synergistic partnership between us and them to do that work. We’ve really made a move in the last 24 months to develop proprietary capabilities that are more sophisticated, such as MDR and pen testing, so our enterprise business has grown dramatically in that time.

Secondly, their reputation is outstanding. These guys have an impeccable reputation in the security community at the high end. They don’t take who they would want to work with lightly. So for us to be the choice for them to make the acquisition … they want to trust and protect their core brand and security chops as well. For The Chertoff Group, it was a lot more around, ‘What are you capable of doing and how good are you at it? It needs to preserve our reputation otherwise we’re not going to be working with you.’

Gee: From my perspective, this just accelerates what we’re doing in the channel. Over the last year and a half or so, we’ve really invested a lot of time and energy in building out our channel strategy and we’re seeing a lot of momentum associated with that. Having a partner like MC² really puts us in a good position to continue with that momentum.

What is Trustwave focusing on this year?

Harmon: For us, it’s continuing to go deep on our Fusion platform and developing proprietary and distinctive capabilities in the platform, which supports our MDR business. It’s also continuing to build on our Spider Labs capabilities where we have several patent-pending developments on threat hunting and offensive security. We’re also continuing to invest in specialized capability for our software products around database and email protection because that’s where most breaches happen, so we continue to pursue that strategy.

Gee: We’ve really focused on a less-is-more strategy in the channel. If we have hundreds of partners, our mindshare gets spread out a bit. We’ve really zeroed in on select partners, and that doesn’t necessarily mean that we have a smaller amount of partners, we just have contract vehicles with, what we think, is best of breed. That allows us to focus, get their mindshare and drive the growth initiatives directly with those entities, and we’re doing that across the globe.

Harmon: Because we are investing in a differentiated set of capabilities for a more sophisticated buyer, to make our channel successful [we need them to] spend the time with us to build their knowledge around our capabilities so that they could explain that really well to a buyer. It works for us and them because they position us for the clients who are going to value what we do. We then spend time on the right clients, and it’s great for them because then they’re more likely to win and sell the right offering to their clients. When we see that co-investment with us teaching them and them being willing to learn about this, it tends to work better.

What cybersecurity trends are you currently watching?

Harmon: I think you’re going to see more layered security as opposed to one thing being the catch-all, so layering your security to make yourself harder to get into will be something that continues. The second you’ll see as an emerging trend is the greater expectation to add value beyond tools you buy. I think you’re going to continue to see growth in cyber spending, rapid growth in the market, but people are demanding greater returns from that spend. They want to know, ‘Why am I buying this? What is it doing for me? How are you creating that value?’ I think you’re getting asked that question more often. You’re seeing a lot of customers who made major investments in tools pre-2022 but don’t know how to use those software tools or don’t have the capability. The third thing you’re going to see is more vendor-customer partnering. It’s not so much, ‘You do this, I do that.’ It’s ‘We do this together and here’s what the role is,’ because no company can generally hire enough people with the right skills.

What is the biggest ask from your customers?

Harmon: They’re asking, ‘How do I make sure I'm protected?’ so they start there. But there’s a much greater level of concern now. They see the risk and they understand it’s now a board- and SEC-level issue but they don’t have unlimited money to pump into it. Now we’re getting asked, ‘How do we use the investments we have? How do we get the most from them? What’s the right way to augment them to deliver a true blanket protection?’ They’re saying, ‘I don’t know if I’m spending money the right way or not.’ That’s why more service providers are being created because that expertise is needed.

Eric, what is your biggest challenge?

Harmon: It’s education, whether it be our channel partners or our customers to be educated well enough to know what to buy, what not to buy and how to maximize the spend. You’re getting a lot of vendors out there today who are saying, ‘Hey, just buy this and it’ll solve your problem.’ And it doesn’t solve the problem, but it’s a great story if it were true so people tend to want to believe it. So our greatest challenge really is around education at the detailed level to know what the risks are and how to manage them. When our customers know that, that’s when they value our Fusion platform, our Spider Labs and our products the most.

What threats do you think AI pose to the IT environment?

Harmon: We use AI to build capabilities to be speedier in our reaction to recognize threats. In the short term it makes it easier for threat actors to replicate code. Threat actors are getting smarter and more sophisticated with their coding to be able to get past basic defenses or to find gaps in security, and AI really speeds that up for them. In the longer term, what code can they write using AI to get around specifically engineered EDR [endpoint detection and response] tools? The other big thing that I see is phishing emails—most breaches still happen through phishing.