LevelBlue acquires Trustwave to form largest global MSSP
The acquisition of Trustwave from MC2 Security Fund is expected to create the world's largest independent, pure-play managed security services provider. This move closely follows LevelBlue's recent agreement to purchase Aon's cybersecurity consulting business, further consolidating its position in the cyber defence sector.
Expanded capabilities
Trustwave's Fusion Platform and cloud-native MDR service will be integrated into LevelBlue's offering. The merger aims to deliver 24/7 cybersecurity protection across global markets, enhancing visibility and control over security operations for organisations of varying scales.
The combined portfolio is anticipated to create a strategically unified managed defence platform. It will leverage LevelBlue's artificial intelligence-driven threat detection capabilities and Trustwave's SpiderLabs unit for threat research and intelligence. The joint offering targets organisations operating across cloud, hybrid, and on-premises environments.
Trustwave recently achieved full authorised status from the US Federal Risk and Authorization Management Program (FedRAMP) and StateRAMP, which will enable LevelBlue to meet requirements for US federal and state projects, including those with stringent security demands such as the Department of Defense and Cybersecurity Maturity Model Certification (CMMC). "The acquisition of Trustwave represents a pivotal moment for LevelBlue and the cybersecurity industry," said Robert McCullen, Chairman and CEO of LevelBlue. "Trustwave's extensive expertise in managed detection and response services, combined with its unparalleled threat intelligence from SpiderLabs and mission-critical FedRAMP and StateRAMP authorizations, perfectly aligns with our vision to deliver simplified and powerful cybersecurity protection to organisations. This strategic move reflects our commitment to delivering better cybersecurity outcomes to our customers and enhances our global go-to-market capabilities, as well as in the U.S. federal, state, and local government markets."
Eric Harmon, Chief Executive Officer of Trustwave, said, "We're thrilled to partner with LevelBlue to drive our next phase of growth and unlock even greater cyber value for our clients. The threat landscape continues to evolve at an increasingly rapid pace. This announcement reinforces Trustwave's market leadership, and together with LevelBlue, positions us to further strengthen our combined leadership position, bolster our offensive and defensive security portfolio, and drive additional innovation to further safeguard and fortify our clients against disruptive and damaging cyber threats."
Market response
Trustwave, headquartered in Chicago and operating globally, employs over 1,000 security professionals. It is recognised as an industry leader in managed detection and response, managed security services, cybersecurity advisory, penetration testing, database, and email security. Its SpiderLabs team contributes threat research and intelligence, integrated into its product and service suite.
Market analysts noted the significance of the deal, particularly in light of recent consolidations in the managed security sector.
Christina Richmond, Principal Analyst at Richmond Advisory Group, stated, "Two longtime leaders in MSS and MDR coming together signals market maturation and industry consolidation, but also a powerhouse opportunity. Trustwave's SpiderLabs team and Fusion platform integrated with LevelBlue's threat intelligence and machine learning capabilities, backed by the Open Threat Exchange (OTX), will enhance threat detection and response on a cloud-based platform. Add in the recently announced acquisition of Aon's Cybersecurity and Intellectual Property Litigation consulting groups, and the potential for a full-service global cybersecurity and risk management firm is apparent."
Strategic impact
The acquisition fits into LevelBlue's broader approach of merging complementary organisations to build a stronger, more integrated offering for clients, specifically addressing increased demand for comprehensive managed cybersecurity solutions. Bringing together the two companies will position LevelBlue as the largest independent, pure-play MSSP globally.
Chad Sweet, Chairman of Trustwave and Co-Founder of The Chertoff Group / MC2, expressed support for the acquisition. "Joining forces with LevelBlue marks an exciting new chapter for Trustwave and our clients. The combination of LevelBlue's AI threat detection and Trustwave's FedRAMP and StateRAMP authorized Fusion Intelligent Security Operations Platform enables leading-edge cybersecurity protection for enterprises and government clients."
Shawn Hakl, Head of AT&T Business Products, commented on the significance of the certification aspects. "FedRAMP and StateRAMP certified managed detection and response capabilities are an exciting expansion to LevelBlue's managed security services. This business combination positions LevelBlue as a strategic provider of cybersecurity services in AT&T's portfolio, especially to our valued federal customers."
Financial advice for LevelBlue was provided by Santander, with legal counsel from Kirkland & Ellis. Trustwave's advisors included Guggenheim Securities and Pillsbury Winthrop Shaw Pittman. Strategic advice will be provided by The Chertoff Group to help accelerate growth in the managed detection and response market segment. The financial terms of the deal were not disclosed, and the acquisition remains subject to customary closing conditions.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
4 days ago
- Techday NZ
LevelBlue acquires Trustwave to form largest global MSSP
LevelBlue has entered into an agreement to acquire Trustwave, expanding its capabilities in managed security services and managed detection and response. The acquisition of Trustwave from MC2 Security Fund is expected to create the world's largest independent, pure-play managed security services provider. This move closely follows LevelBlue's recent agreement to purchase Aon's cybersecurity consulting business, further consolidating its position in the cyber defence sector. Expanded capabilities Trustwave's Fusion Platform and cloud-native MDR service will be integrated into LevelBlue's offering. The merger aims to deliver 24/7 cybersecurity protection across global markets, enhancing visibility and control over security operations for organisations of varying scales. The combined portfolio is anticipated to create a strategically unified managed defence platform. It will leverage LevelBlue's artificial intelligence-driven threat detection capabilities and Trustwave's SpiderLabs unit for threat research and intelligence. The joint offering targets organisations operating across cloud, hybrid, and on-premises environments. Trustwave recently achieved full authorised status from the US Federal Risk and Authorization Management Program (FedRAMP) and StateRAMP, which will enable LevelBlue to meet requirements for US federal and state projects, including those with stringent security demands such as the Department of Defense and Cybersecurity Maturity Model Certification (CMMC). "The acquisition of Trustwave represents a pivotal moment for LevelBlue and the cybersecurity industry," said Robert McCullen, Chairman and CEO of LevelBlue. "Trustwave's extensive expertise in managed detection and response services, combined with its unparalleled threat intelligence from SpiderLabs and mission-critical FedRAMP and StateRAMP authorizations, perfectly aligns with our vision to deliver simplified and powerful cybersecurity protection to organisations. This strategic move reflects our commitment to delivering better cybersecurity outcomes to our customers and enhances our global go-to-market capabilities, as well as in the U.S. federal, state, and local government markets." Eric Harmon, Chief Executive Officer of Trustwave, said, "We're thrilled to partner with LevelBlue to drive our next phase of growth and unlock even greater cyber value for our clients. The threat landscape continues to evolve at an increasingly rapid pace. This announcement reinforces Trustwave's market leadership, and together with LevelBlue, positions us to further strengthen our combined leadership position, bolster our offensive and defensive security portfolio, and drive additional innovation to further safeguard and fortify our clients against disruptive and damaging cyber threats." Market response Trustwave, headquartered in Chicago and operating globally, employs over 1,000 security professionals. It is recognised as an industry leader in managed detection and response, managed security services, cybersecurity advisory, penetration testing, database, and email security. Its SpiderLabs team contributes threat research and intelligence, integrated into its product and service suite. Market analysts noted the significance of the deal, particularly in light of recent consolidations in the managed security sector. Christina Richmond, Principal Analyst at Richmond Advisory Group, stated, "Two longtime leaders in MSS and MDR coming together signals market maturation and industry consolidation, but also a powerhouse opportunity. Trustwave's SpiderLabs team and Fusion platform integrated with LevelBlue's threat intelligence and machine learning capabilities, backed by the Open Threat Exchange (OTX), will enhance threat detection and response on a cloud-based platform. Add in the recently announced acquisition of Aon's Cybersecurity and Intellectual Property Litigation consulting groups, and the potential for a full-service global cybersecurity and risk management firm is apparent." Strategic impact The acquisition fits into LevelBlue's broader approach of merging complementary organisations to build a stronger, more integrated offering for clients, specifically addressing increased demand for comprehensive managed cybersecurity solutions. Bringing together the two companies will position LevelBlue as the largest independent, pure-play MSSP globally. Chad Sweet, Chairman of Trustwave and Co-Founder of The Chertoff Group / MC2, expressed support for the acquisition. "Joining forces with LevelBlue marks an exciting new chapter for Trustwave and our clients. The combination of LevelBlue's AI threat detection and Trustwave's FedRAMP and StateRAMP authorized Fusion Intelligent Security Operations Platform enables leading-edge cybersecurity protection for enterprises and government clients." Shawn Hakl, Head of AT&T Business Products, commented on the significance of the certification aspects. "FedRAMP and StateRAMP certified managed detection and response capabilities are an exciting expansion to LevelBlue's managed security services. This business combination positions LevelBlue as a strategic provider of cybersecurity services in AT&T's portfolio, especially to our valued federal customers." Financial advice for LevelBlue was provided by Santander, with legal counsel from Kirkland & Ellis. Trustwave's advisors included Guggenheim Securities and Pillsbury Winthrop Shaw Pittman. Strategic advice will be provided by The Chertoff Group to help accelerate growth in the managed detection and response market segment. The financial terms of the deal were not disclosed, and the acquisition remains subject to customary closing conditions.
Techday NZ
27-06-2025
- Techday NZ
Tech sector faces sharp rise in AI & ransomware threats
New research from Trustwave highlights an increase in cyber threats facing technology organisations globally, with ransomware and AI-driven attacks on the rise. The series of reports released by the Trustwave SpiderLabs team outlines a rapidly evolving risk landscape for technology firms. According to the findings, companies in the technology sector account for 85% of all targeted ransomware incidents worldwide, with a 10% weekly increase in ransomware activity. Industry under pressure The reports detail how the technology industry's extensive integration with other sectors and fast-paced innovation have made it an appealing target for cybercriminals. Trustwave SpiderLabs analysts note that a sophisticated network of attackers is exploiting vulnerabilities ranging from supply chains to legacy systems. Ransomware operators noted in the reports, such as Ransomhub, CLOP, Akira, and Fog, have intensified their campaigns against technology firms, deploying tactics that include double extortion schemes and mass data exfiltration. The research identifies publicly exposed services, minimal year-over-year improvement in system exposure, new vulnerable ports, and outdated operating systems as ongoing points of access for attackers. AI-driven and supply chain threats One of the key trends highlighted is the use of artificial intelligence by attackers. Offensive AI is being used to craft increasingly advanced phishing emails, facilitate social engineering, and automate elements of supply chain attacks. This has led to larger and more successful campaigns by cybercriminals against technology sector targets. Supply chain attacks are another major concern noted in the reports. Cybercriminals are increasingly targeting third-party vendors, compromising continuous integration and delivery (CI/CD) pipelines, and exploiting open-source libraries. These breaches often stem from a single compromised supplier but can result in widespread and persistent security incidents for numerous technology firms. The dark web is also described as enabling a professionalised and collaborative ecosystem for attackers. Cybercriminals are monetising access and information stolen from technology companies, contributing to higher rates and values of supply chain attacks. Expert viewpoint "The technology sector's relentless pace of innovation is matched only by the creativity and determination of today's cyber adversaries. Our latest research shows that cybercriminals are not just keeping up—they're industrialising their operations, exploiting supply chains, and weaponising artificial intelligence (AI). Trustwave is committed to helping technology organisations build resilience through world-class threat intelligence, MDR, and security solutions that address the realities of a hyper-connected digital world." This statement was provided by Kory Daniels, Chief Information Security Officer at Trustwave, who emphasised the increasing professionalism and sophistication of attackers targeting the technology sector. Recommendations for technology firms The Trustwave SpiderLabs reports include several recommendations aimed at helping technology organisations bolster their defences. These suggestions centre on adopting a proactive, intelligence-led approach to cybersecurity: They encourage firms to implement robust identity and access management strategies, including multi-factor authentication and strict least-privilege policies. The reports also call for regular system inventory, risk assessment, and prompt patching of all networked devices—particularly those exposed to the public internet. Monitoring for dark web leaks and third-party supply chain risks using advanced threat intelligence tools is recommended, along with investment in AI-powered security systems capable of detecting and responding to sophisticated threats. Additionally, the reports highlight the need for ongoing employee security awareness training and the regular simulation of incident response protocols to prepare staff for potential breaches. The Trustwave research series includes the following titles: 2025 Trustwave Risk Radar Report: Technology sector, Technology sector deep dive: AI: The double-edged sword of the technology industry, and Technology industry deep dive: Dark web-powered supply chain attacks. Findings from the reports suggest that cybercriminals are not only broadening their reach, but also refining their tactics through the adoption of new technologies and collaborative practices. This, according to Trustwave, requires an equally sophisticated and comprehensive response from technology organisations seeking to reduce their exposure to risk and disruption.
Techday NZ
26-06-2025
- Techday NZ
Cybercrime surge hits technology sector as AI & supply chain attacks rise
New research has detailed how cybercriminals are increasingly targeting technology companies, leveraging advanced technologies and dark web marketplaces to intensify the impact of their attacks across global industries. The latest threat intelligence series from Trustwave details how both the pace and sophistication of cyber threats facing the technology sector have increased, with attackers now utilising supply chain vulnerabilities, artificial intelligence (AI), and stolen credentials to gain access to broader digital ecosystems. Supply chain attacks Trustwave's analysis reveals that access to sensitive components—such as GitLab API keys—can be sold on the dark web for up to USD $1,400, with such credentials marketed specifically for use in supply chain attacks. The report also highlights that credentials harvested through infostealers are actively traded and weaponised by attackers, providing a route to infiltrate technology providers with the aim of moving laterally across entire supply chains and partner networks. Instead of simply targeting individuals with stolen logins, cybercriminals are utilising these credentials to access wider digital infrastructures. Once inside, they are able to traverse interconnected services and platforms, opening potential backdoors into multiple organisations. Rise in ransomware targeting tech companies Trustwave SpiderLabs found that ransomware activity is increasingly focusing on technology vendors, with 85 percent of ransomware incidents in early 2025 impacting this sector, as opposed to end-user companies. Prominent ransomware groups such as Ransomhub, CLOP, Akira, and Fog have intensified their campaigns, driving a 10 percent weekly increase in attacks against technology organisations worldwide. The report notes that these attacks often feature double extortion tactics and mass data exfiltration, primarily affecting software, cloud, and infrastructure providers. Attacks exploiting third-party dependencies, CI/CD (continuous integration and continuous deployment) pipelines, and open-source libraries have also led to widespread breaches, sometimes originating from just a single compromised vendor. Legacy systems and public exposure Publicly exposed services remain a persistent risk, with minimal changes in overall exposure year-on-year. However, the continued use of legacy operating systems and new, vulnerable network ports are providing ongoing opportunities for threat actors to gain footing in technology environments. Weaponisation of AI The research indicates that offensive AI is enabling cybercriminals to craft more effective phishing campaigns, social engineering threats, and supply chain attacks. This increase in sophistication is reflected in both the scale and success rate of cyber intrusions targeting technology firms. Professionalisation of cybercrime The dark web is underpinning a professional and collaborative cybercriminal ecosystem, with attackers monetising data and access obtained from successful breaches. The increasing value and frequency of supply chain attacks are being driven by this underground marketplace, as criminal groups work together to amplify their reach. "The technology sector's relentless pace of innovation is matched only by the creativity and determination of today's cyber adversaries. Our latest research shows that cybercriminals are not just keeping up—they're industrializing their operations, exploiting supply chains, and weaponizing AI," said Kory Daniels, CISO at Trustwave. "Trustwave is committed to helping technology organizations build resilience through world-class threat intelligence, MDR, and security solutions that address the realities of a hyper-connected digital world." Trustwave's reports, including the 2025 Risk Radar Report: Technology Sector and research supplements on AI threats and dark web supply chain attacks, offer a comprehensive look at these evolving risks. Recommendations for technology organisations Trustwave SpiderLabs has issued several recommendations for technology firms to better protect themselves in this hostile environment. Organisations are urged to implement robust identity and access controls—such as multi-factor authentication and least-privilege policies—and to maintain regular inventories, assessments, and patches for all systems, particularly those exposed to the public internet. The guidance also includes ongoing monitoring for dark web leaks and third-party risk via advanced threat intelligence, investing in AI-powered security solutions to detect and counter emerging attacks, and bolstering employee readiness through ongoing security training and incident response practice. These recommendations reflect the growing recognition that technology organisations serve as a digital backbone for industries globally, making their protection critical to wider economic and operational stability in the face of sustained cyber threats.
