Our vision for a cybersecurity platform

August 3, 2021 TH Author Trend Micro CISO : Article, Trend Micro CISO : Cloud, Trend Micro CISO : Detection and Response, Trend Micro CISO : Digital Transformation, Trend Micro CISO : Expert Perspective

Transcript

Eva Chen: Ladies and gentlemen, customers, partners, and cybersecurity experts, thank you for joining us at Perspectives 2021. I think in 2020, we, all together, share one thing… we all experienced a year that we never experienced before. The pandemic forced us into physical isolation and we cannot meet face to face, but that isolation actually forced us to accelerate the digital transformation.

That digital transformation means that we are working from home. We are studying from home. We are forced to not to travel, but we are even more connected in the cyber war. Unfortunately, cybercriminals are exploring this super connected cyber world and therefore our cyber security solution need to take a big step into the transformation. Why is all this [happening]? First, let us look at the threat landscape that is happening in 2020.

In 2020, FBI actually received more than 2,000 complaints each day, which represent 69% increase YoY… That means US $4.2 billion in losses to the cyber criminals. Also, we saw that cybercriminals now are launching more different type of attacks.

There’s a 34% increase in new ransomware family tactics and more and more critical sector are being attacked. Not only the threat landscape and the attacker changed, but also there’s a new challenge because of the infrastructure change or the user behavior change. There are two big changes. First one, is the cloud… there’s more and more customers.

You and your organization are forced to communicate more with your partner or with your customer through the cloud infrastructure and therefore there’s more cloud applications launched. We’re seeing over 56% of organizations that encounter cyber security instance, which involve cloud native applications due to misconfiguration or an unpatched vulnerability.

So, cloud and DevOps environments introduce new challenges for the cybersecurity environment. The second area that we are seeing bigger challenges is IT meets OT. Before, we always think the operation technologies such as factory manufacturing, are isolated and that they are not being connected over the IT infrastructure. But, because of the need to make this digital transformation, we see OT and IT are connected.

And therefore, the cyber criminals are attacking this overall OT environment. We have seen the oil pipeline or the major semiconductor manufacturing company are being attacked from the IT side, but in fact, mostly on the OT side. Therefore the IT and OT needs introduce a new challenge for cyber safety. This is because mainly because digital transformation means that our value chain has changed. Before, the main value creation is coming from the material, the raw material transforms into a product—that is where the value is being created.

But today, the biggest value chain actually comes from the data that you can collect and make the right decision. That is where the biggest value being created. This digital transformation is making the companies need to do more of that acquisition. And then connecting all this data so that we can do drill down analysis of all this data and make the right decision. That is why digital transformation means more data being collected and all this data are more connected. And the decision you are making based on this connected data are more critical to your business operation. Therefore, we are seeing that cyber security needs to fit into this new value chain.

Before we probably can say, oh, we protect each of the points. Where the users are using their computer, we protect the end point and, for servers, we protect the data in the server. But now we need to look at this whole value chain and we need to have the protection in each of the data acquisition points. Plus, we need to secure all this data when they are connected. Therefore, cybersecurity needs to evolve into a platform view for our customer… Seeing how their data travels in the organization and how these protections are put in place to protect [the entire] value chain.

Therefore, Trend Micro come up with [Trend Micro] Vision One solution, where we can have all these different sensors for the data acquisition points and put it into the data lake where we can analyze all the cybersecurity incidents and present it to our customer with the overall security posture. But, our solution is more alert. The most value coming from Trend Micro Vision One is it [can] help you make the most critical and correct cybersecurity decisions.

[Here] is a real case that you can see—if a company has 1000 devices in 24 hours period, usually you can collect more than 100 million raw logs, and this log [40 million] will be identified as valuable to analyze. You can even drill down and say, these are the detection logs, which we usually send to a SIEM. There’s still, every day, there’s 25,000 logs that you have to send to the SIEM. It’s impossible for any security operations center to take the decision based on the number of alerts and logs.

So, Trend Micro Vision One, the most important value comes from that we filtered all these hits, and then we can drill down to only three… Every day you will receive the three most important and summarized cyber security events, where you can see where this attack came from and what action you need to take.

From more than 100 million raw logs, we drill down to only the three events that you need to take care of. That’s what we are trying to present to our customer with our platform approach. With Trend Micro Vision One, our platform approach is beyond technology.

Trend Micro has been in cybersecurity for 33 years, and of course, we are very proud of our technology advantages that we provide, or the centralized visibility we have, or the [deployment], easily applied to different points. But, the most important part is not just the technology advantage. We believe the most important part is we can integrate, utilize, and we understand our customers’ environments and create security that fits for our customer.

Therefore, our customer will be able to utilize our technology to achieve a business advantage. We can understand what industry you are in and therefore, what type of security is most critical for your business operation. You can achieve easier compliance for your industry sector. You can… protect your most critical infrastructure [faster]. And therefore, assist you throughout your value chain lifecycle. That’s the value that Trend Micro is providing through [Trend Micro] Vision One.

Together, we believe this new approach, we can unlock better decision to value chain, because you can…detect and respond to cyber security instance [faster]. By continuing to improve and protect your security posture… to achieve a data to decision value stream.

Thank you very much. I think in the Perspectives event, we can all share different perspectives from [around the world] and we, together, will create a more secure cyber security world. We hope to help you in securing your digital transformation. Thank you.

You May Also Like

The Real Frontiers for 2021 in XDR

CISA Gov: ’23-25 Plan Focuses on Unified Cybersecurity

IT & OT security: How to Bridge the Gap