The IT Nerd

Trend Micro Incorporated today revealed that the risk of cyber attacks has increased in the last year. According to a new survey, 80% of global organizations report they are likely to experience a data breach that impacts customer data in the next 12 months.

The findings come from Trend Micro’s biannual Cyber Risk Index (CRI) report, which measures the gap between respondents’ cybersecurity preparedness versus their likelihood of being attacked. In the first half of 2021 the CRI surveyed more than 3,600 businesses of all sizes and industries across North America, Europe, Asia-Pacific, and Latin America.

Read a full copy of the report, produced by the Ponemon Institute, here:https://www.trendmicro.com/cyberrisk.

The CRI is based on a numerical scale of -10 to 10, with -10 representing the highest level of risk. The current global index stands at -0.42, a slight increase on last year which indicates an “elevated” risk.

Organizations ranked the top three negative consequences of an attack as customer churn, lost IP and critical infrastructure damage/disruption.

Key findings from the report include:

• 86% said it was somewhat to very likely that they’d suffer serious cyber-attacks in the next 12 months, compared to 83% last time
• 24% suffered 7+ cyber attacks that infiltrated networks/systems, versus 23% in the previous report.
• 21% had 7+ breaches of information assets, versus 19% in the previous report.
• 20% of respondents said they’d suffered 7+ breaches of customer data over the past year, up from 17% in the last report.

Among the top two infrastructure risks was cloud computing. Global organizations gave it a  6.77, ranking it as an elevated risk on the index’s 10-point scale. Many respondents admitted they spend “considerable resources” managing third party risks like cloud providers.

The top cyber risks highlighted in the report were as follows:

• Man-in-the-middle attacks 
• Ransomware 
• Phishing and social engineering
• Fileless attack
• Botnets

The top security risks to infrastructure remain the same as last year, and include organizational misalignment and complexity, as well as cloud computing infrastructure and providers. In addition, respondents identified customer turnover, lost intellectual property and disruption or damages to critical infrastructure as key operational risks for organizations globally.

The main challenges for cybersecurity preparedness include limitations for security leaders who lack the authority and resources to achieve a strong security posture, as well as organizations struggling to enable security technologies that are sufficient to protect their data assets and IT infrastructure.

Trend Micro today released new research that reveals a major gap in security capability among mobile operators, which in many cases is not yet being filled by industry partnerships.

In the 5G era, and a rapidly changing digital landscape, operators could broaden their security credentials with partners as they look to deliver on their desire to secure private networks.

Learn more about the research during Mobile World Congress with Trend Micro’s Ed Cabrera: https://www.mwcbarcelona.com/agenda/session/enabling-digital-transformation-of-industries-in-the-5g-era.

According to the study, 68% of operators sell private wireless networks to enterprise customers with the rest planning to do so by 2025. Nearly half (45%) of operators consider it extremely important to invest in security to achieve long-term enterprise revenue goals. To this end, 77% of operators are planning to offer security as part of their private network solutions.

In addition, the report found that:

• 51% of operators see edge computing (Multi-Access Edge Computing, or MEC) is a key part of their near future enterprise strategy. Only 18% of operators currently secure their endpoints or edge.
• 48% of operators cite a lack of adequate knowledge or tools to discover vulnerabilities as a top 5G security challenge.
• 39% have a limited pool of security experts.
• 41% struggle with network virtualization vulnerabilities.

The role operators can play in securing the private network ecosystem is particularly important in the 5G Era. New threat vectors will materialize as enterprises look to embrace new communications technologies (5G, edge computing, cloud computing, private wireless, IoT) to digitally transform their business. Operators are in a prime position to address these and profit in supporting their enterprise customers. To take on this role, operators will want to broaden their credentials or partner with security, cloud or IT vendors capable of filling any gaps in their security portfolios and expertise.

As a security platformer with 5G service providers for Enterprise, Trend Micro understand the needs of its corporate customers and partners with these organizations to best meet those needs.

To read a full copy of the report, Securing 5G Era Private networks, please visit: https://data.gsmaintelligence.com/research/research/research-2021/securing-private-networks-in-the-5G-era.

The report is based on two GSMA Intelligence surveys:

• GSMA Intelligence Operators in Focus 2021 survey spans 100 decision-makers from operators around the world to understand their views on the enterprise opportunity.
• The GSMA Intelligence Enterprise in Focus 2020 survey spans 2,873 companies in eight industry verticals and 18 countries.

Trend Micro Incorporated today released results from a new study that reveals SOC and IT security teams are suffering from high levels of stress outside of the working day—with alert overload a prime culprit.

According to the study, which polled 2,303 IT security and SOC decision makers across companies of all sizes and verticals, 101 of those were Canadian, 70 per cent of global respondents say their home lives are being emotionally impacted by their work managing IT threat alerts. Nearly half (46 per cent) of Canadian SOT/IT security teams are overwhelmed by the volume of security alerts and 52 per cent admit that they aren’t entirely confident in their ability to prioritize and respond to them. It’s no wonder therefore that teams are spending as much as 25% of their time dealing with false positives.

These finding are corroborated by a recent Forrester study, which found that “security teams are heavily understaffed when it comes to incident response, even as they face more attacks. Security operations centers (SOCs) need a more-effective method of detection and response; thus, XDR takes a dramatically different approach to other tools on the market today.”

Outside of work, the high volumes of alerts leave many Canadian SOC managers unable to switch off or relax, and irritable with friends and family. Inside work, they cause individuals to turn off alerts (30% do so occasionally or frequently), walk away from their computer (46%), hope another team member will step in (46%), or ignore what is coming in entirely (36%).

With a staggering 65% of Canadian respondents, and 74% globally, already dealing with a breach or expecting one within the year, and the estimated average cost per breach USD$235,000, the consequences of such actions could be disastrous.

Trend Micro Vision One is the company’s answer to the struggles of SOC teams. Prioritized, correlated alerts using data from the entire IT environment help teams spend their time more wisely. Fewer alerts and stronger intelligence allow teams to regain balance in their work life and ease the emotional toll of security.

Research methodology

The survey was conducted among 2303 IT security decision makers in 21 regions. In Canada, 101 IT security decision makers were surveyed through online interviews by Sapio Research in April 2020 using an email invitation and an online survey. At an overall level results are accurate to ± 9.8% at 95% confidence limits assuming a result of 50%.

Trend Micro Incorporated today launched a new, co-built SaaS solution with Snyk, the leader in cloud native application security. The first of its kind, it’s designed to provide continuous insight into open source vulnerabilities for enhanced risk management to drive data-driven decisions.

Trend Micro Cloud One – Open Source Security by Snyk is the newest Cloud One service and the first partner addition to the platform, which is available through the channel as well as AWS Marketplace. 

To find out more visit: https://www.trendmicro.com/en_us/business/products/hybrid-cloud/cloud-one-open-source-security-by-snyk.html

This is the first service that provides visibility into open source software vulnerabilities for security operation teams. The use of these open source code components is exploding thanks to the speed, flexibility, extensibility and quality they offer application development teams. According to Snyk, 80% of application code today is open source.

In their Market Guide for Software Composition Analysis, Gartner stated that “Open-source software is used in nearly all organizations. This introduces risks from readily exploitable vulnerabilities; an expanded attack surface through which malware and malicious code can gain access, compromising proprietary code and infrastructure; and legal and intellectual property exposures.”

Snyk has observed 2.5x growth in open source vulnerabilities over the past three years making it more necessary than ever to deliver security further into the DevOps pipeline. However, process gaps, mismatched toolsets and communication challenges between SecOps and DevOps are commonplace. Too often, this means security practitioners face an uphill battle and lack visibility into application build-time risks. This cloud service from Trend Micro and Snyk bridges the long-standing cultural challenges between security and development teams with a unified solution that delivers unique visibility sooner in the software development lifecycle to further protect the stack.

Almost all applications developed across the world in the last 25 years have been built using open source code. As the pressure to build and deliver new cloud-native applications continues to increase, organizations often lose sight of older applications, their component inventories, and maintenance and update cycles—creating further opacity and risk.

Trend Micro Cloud One – Open Source Security by Snyk also enables SecOps to identify vulnerabilities and issues related to licensing. This empowers security teams to better monitor, prioritize and communicate risk and exposure rates within DevOps projects over time. This happens with: 

• Data-driven security decisions
• Continuous monitoring of threat levels
• Effective prioritization of risks and remediation recommendations

Built-in automation also helps security teams quickly identify and gain awareness of indirect open source dependencies that both security and developer teams may not be aware exist in their applications. Approximately eight hours can be saved per vulnerability through automation and early discovery.

The service is available along with the entire Cloud One platform on AWS Marketplace. 

For more information and to get started with Snyk for free today, visit https://snyk.io.

Trend Micro Incorporated today announced a major refresh of the Trend Micro partner program that provide more cloud services resources and rewards partners with additional discounts for enabling organizations to better secure public cloud computing environments.

The objective of the revamped program is to make it more profitable for partners that work with customers to deploy best-in-class Trend Micro cloud security services via our authorized distributors and the AWS Marketplace or the AWS Consulting Partner Private Offer(CPPO) program, through which many cloud-native partners already resell AWS services.

Digital transformation has surged over the past year as organizations shift workloads to the cloud to support remote working, optimize business processes and drive innovative business strategies to engage customers. Channel partners supporting these organizations need a cybersecurity partner they can trust to help them secure a wide range of application environments with confidence.

The cornerstones of the cloud-first partner program are:

• A cloud-first focus on partners that provide cloud services, such as AWS Consulting Partners or those who have achieved AWS Well-Architected Review (WAR) competencies that assure high-quality security services are implemented in accordance with best practices defined by AWS. The new program offers partners service-oriented pre-sales support, co-selling tools, and free access to Trend Micro’s cloud security posture management solution, Cloud One – Conformity, that can accelerate and automate well-architected security assessments.
• Increased deal registration discounts to protect margins for partners who register opportunities and actively work with us to bring customer success.
• Cloud marketplace bundles and security services enablement: Trend Micro’s cloud-first program and new enablement platforms will enable partners to build their cloud service bundles and grow their businesses more profitably on the AWS Marketplace. Our partners are entitled to full use of our new white-label cybersecurity assessment services, cloud risk assessment tool, and can enroll in the Trend Micro professional service partner program.
• Early Warning Services: The Trend Micro Vision One platform allows Trend Micro’s Incident & Response teams to proactively provide joint customers with threat intelligence and risks through daily scanning for indicators of compromise (IoC) related to notable targeted attacks. It opens a path for partners to build their services to help customers respond to and mitigate threats quickly and efficiently. 
• Commitment to simplicity and flexibility that shifts compensation from a tier-based standard discount model to a flat standard discount for all partner types. 

Trend Micro’s channel strategy has been recognized with multiple accolades including four separate achievements just this year from CRN including a 5-star rating in its 2021 partner program guide, recognitions on the Top 100 Coolest Cloud Companies list and Top 100 Security Companies list. In addition, the company was named as a Champion in the Canalys Global Cybersecurity Leadership Matrix for 2020 for the increased investment in its channel-first strategy to help partners drive SaaS business across its portfolio.

For more information about the Trend Micro partner program and partnership opportunities, please visit: https://www.trendmicro.com/en_ca/partners/channel-partners/professional-services-partner.html

Trend Micro Incorporated today announced that Canada accounted for 153,584 of total COVID-themed cyber-threat detections last year, placing it in the list of Top 20 countries at the eighteenth spot.

Globally, the Trend Micro Smart Protection Network (SPN) detected nearly 16.4 million threats, consisting of malicious URLs, spam, and malware, over the course of 2020. The vast majority of these (88%) were email-borne spam threats. Examples of this include phishing attempts using COVID-19 as a lure in an attempt to steal personal and financial information.

Canada ranked ahead of Croatia and Turkey on the list of Top 20 countries, and behind Uruguay. The United States has the highest amount of COVID-themed cyber-threat detections with over 6 million. 

In total, Trend Micro blocked over 62.6 billion cyber-threats in 2020, a 20% year-on-year increase. Attacks on home networks globally surged 209% to reach nearly 2.9 billion as cyber-criminals adapted quickly to the mass shift to distributed working caused by the pandemic.

Trend Micro’s 2020 Security Roundup report also revealed the detection of over 175 million phishing URLs during 2020 as attackers sought to target distracted home workers using potentially unsecured devices and networks.

To read the full report, please visit this link.

Trend Micro Incorporated combats security alert overload and resource constraints with an extensible platform that provides visibility and response from a single console. The new platform, Trend Micro Vision One^TM, has extended detection and response (XDR) at its core and raises the bar with new capabilities to helpsecurity teams to see more and respond faster.

Organizations are struggling with siloed tools, disjointed alerts and stealthy, sophisticated threats, whether they have a Security Operations Center (SOCs) or are relying on stretched IT security teams for SOC functions. Trend Micro has helped hundreds of organizations identify and reduce cyber risk by correlating alerts across the entire IT environment, with the industry-first XDR solution launched in 2019.  Now, with Vision One, Trend Micro is solving more complex security challenges with enhanced XDR, new risk visibility, new third-party integrations, and simplified response to threats across security layers.

With Trend Micro Vision One, organizations can maximize efficiency by making less sophisticated security resources operate at a more expert level. The new platform allows them to faster dissect security incidents, identify critical threat patterns and complex attacks and understand their overall security posture and trends, so organizations can proactively identify and assess potential security risks.

According to Gartner, Innovation Insight for Extended Detection and Response, March 2020, “Two of the biggest challenges for all security organizations are hiring and retaining technically savvy security operations staff, and building a security operations capability that can confidently configure and maintain a defensive posture as well as provide a rapid detection and response capacity. Mainstream organizations are often overwhelmed by the intersectionality of these two problems.”

The holistic threat defense platform is true to its name, offering:

• Visibility & threat intelligence: Cross-layer detection models, along with security risk visibility supported by Trend Micro Research insights, enable enterprises to see complex attacks and particular points of security risk that siloed solutions miss. In preview, are new insights into SaaS application usage, their risk levels and trends over time.
• Purpose-built sensors: Native integrations with Trend Micro security stack across critical security layers.
• Fit with existing infrastructure: Out-of-the-box, API integrations with existing third-party solutions already in use to compliment workflows.
• Simplified management: Ability to adjust security policies and drive response actions across security layers from a single console instead of swivel chair management

In addition to the layered security from Trend Micro, customers can easily connect this new platform into other security technologies such as third-party endpoint protection platforms and SIEM and SOARs, including new integrations with Fortinet,  Microsoft Sentinel and Splunk just to name a few. Early adopting customers are ready to act on the developing opportunity to integrate beyond SIEM and SOAR, with solutions like firewalls, ticketing solutions, identity and access management.

This new blog from IDC resulted from a briefing prior to launch and goes into further detail on the new Trend Micro platform. To find out more about Trend Micro Vision One, please visit TrendMicro.com. 

Trend Micro has found that healthcare organizations (HCOs) have accelerated their spending on cloud migration, but many may be over-estimating their ability to protect these environments.

Trend Micro commissioned Sapio Research to survey more than 2,500 IT decision makers in 28 countries, including Canada, across several industry sectors. For HCOs in particular, The results revealed that 88% have accelerated their cloud adoption because of the pandemic, on par with the global finding. Globally, remote working, cost savings and improved IT agility were three main reasons for the switch to cloud-based infrastructure.

According to the survey findings, rapid shifts to the cloud may leave organizations at higher risk of cyber threats. Here are four challenges HCOs in Canada are reportedly faced when moving to cloud-based environments:

• Skills shortages: Half (49% vs. 43% globally) revealed that skills gaps are a persistent barrier to migrating to cloud security solutions.
• Day-to-day operations: Setting and maintaining policies (32% vs. 34%), patching and vulnerability management (29% vs. 32%), and misconfigurations (35% vs 32%) were challenges of protecting cloud workloads.
• Increased costs: 43% (same as global result) have spent more on capital expenses and paying for contracted out services, while 43% (vs. 39% globally) have spent more on operational and training costs since migrating.
• Security responsibility: Over one-third (37% vs. 48%) are confident they understand their part of the Shared Responsibility Model.

While cloud migration isn’t simple, it can be enabled and improved using the right security tools.

The healthcare sector has been on the frontline in the struggle against COVID-19, and digital transformation can make a positive impact on productivity and patient care during this time of critical need. However, it is essential that the broader attack surface of an expanded digital infrastructure is given due consideration.

With the right cloud-ready solutions in place, HCOs can maximize cloud benefits without putting mission-critical systems or patient data at risk. Such tools can also minimize skills challenges by spotting misconfigurations, automating patching and policy management, and integrating security into DevOps, across both cloud and on-premise environments.

Trend Micro Incorporated today announced its advanced container security solution Cloud One – Container Security. Designed to ease the security of container builds, deployments and runtime workflows, the new service helps developers accelerate innovation and minimize application downtime across their Kubernetes environments, from a single tool.

This new service is an important addition to Trend Micro’s Cloud One services platform that was introduced last year. As IDC stated, “Trend Micro launched Cloud One, its integrated cloud security services (SaaS) platform that addresses customers’ security challenges around datacenter servers and virtual machines, IaaS workloads, containers and containers services, cloud security posture management, cloud file and object storage services, and serverless.” 

Global organizations are increasingly leveraging containers to accelerate cloud migration, rearchitect monolithic applications and build and integrate seamless cloud native applications. This can create security gaps that traditional network and endpoint tools are not capable of addressing.

Trend Micro Cloud One Container Security offers three main elements:

Container image scanning

This scans at build time for the earliest possible detection and lowest cost remediation. In addition, through partnership with Snyk there is a scan against the market leading open source vulnerability database. This provides early detection and mitigation of vulnerabilities in third-party code dependencies. Cloud One – Container Security will:

• Look for vulnerabilities in the packages included in the container
• Detect malware using signatures and advanced machine learning techniques
• Find embedded secrets such as passwords, API tokens, or license keys
• Sweep for IoCs using industry-standard Yara rules

Policy-based deployment control

Container security enables you to create policies that allow or block deployments based on set rules. Native integration with Kubernetes ensures that all deployments run in a production environment are safe.

Cloud-native runtime security

Once an image has been deemed safe and is deployed into production, Cloud One Container Security will protect the container in the runtime environment. This offers ongoing vulnerability detection for the containerized application and provides relevant feedback to security and DevOps teams in case further action is needed.

Trend Micro and Simon Fraser University have partnered to help train future cybersecurity professionals entering the workforce at a time in which specialized skills in cloud security is needed. This new partnership is another step Trend Micro is making this year to connect Canadian students with industry insights and networking opportunities while they are still in school.

Trend Micro is already providing course lectures, lab exercises and assessments in cloud security to the first cohort of SFU’s new Professional Master’s Program in Computer Science – Cybersecurity Concentration, which launched in September 2020. In the span of 16 to 20 months, the program educates students in a broad range of cybersecurity topics. Almost half of the curriculum consists of lab work providing students with hands-on experience necessary for a successful career path in the cybersecurity field. 

Students have the opportunity to explore cyber risks related to cloud infrastructure and cloud native applications. In addition, they are learning the necessary skills needed to secure these environments in an AWS lab environment using some of Trend Micro’s CloudOne solutions pertaining to cloud security posture management and runtime application self protection.

Trend Micro’s 2021 Predictions Report echoes this need for upskilling students and the current workforce. It also stresses the need for fostering user education and training while many employees continue to work from home and mix personal and professional information online.