In the face of evolving cyberattacks, an ever-expanding digital attack surface, and a global skills shortage, organizations need a more unified approach to managing cyber risk. Trend Micro co-founder & CEO Eva Chen discusses our vision and strategy for delivering a unified cybersecurity platform.
Undoubtedly, COVID-19 has been a big accelerant for digital transformation and broader adoption of cloud technologies. According to a recent McKinsey Global Survey, the global pandemic has accelerated this digital change by up to seven years. These changes are expected to stay, meaning CISOs and security leaders need to take a new approach to enterprise cybersecurity as the digital attack surface expands and cyber threats evolve. Trend Micro Co-Founder and CEO Eva Chen discusses why a unified cybersecurity platform is ideal for managing and mitigating cyber risk across the enterprise.
An equation for innovation
As a global leader in cybersecurity for over 30 years, Trend Micro remains committed to providing organizations with business advantages using our innovative cybersecurity technology and services. Chen says that throughout the years, one formula has guided our strategy: x=i+u-t.
“We always observe, monitor the infrastructure shifts, and the user behaviour changes to limit the cyber threats’ impact to our customers’ business,” explained Chen.
This equation has led to Trend Micro being at the forefront of industry innovations such as hybrid cloud security, AI and machine learning, XDR capabilities, and most recently our unified cybersecurity platform approach.
A new approach to cyber risk management
Chen noted that for the past couple of years, Trend Micro has observed that the frenetic pace of digital transformation has introduced more complicated environments with many new vulnerabilities, introducing more business risks, including:
- Cyber attackers “shifting left” and attacking DevOps tools and pipelines, accessing credentials and systems to laterally leapfrog their attack across the network without being detected.
- Ransomware-as-a-service groups or malicious actors adapting a quality versus quantity mentality, launching targeted attacks against valuable targets in the hopes of netting a bigger payout.
- New and old vulnerabilities being weaponized quicker than ever, making it harder for security teams to detect blended attacks.
Most notably, the digital attack surface is expanding—meaning cybercriminals have more points of attacks—and enterprises are struggling to effectively manage it. The main cause? Limited visibility due to disconnected point products.
Siloed products equal visibility gaps, exacerbating an already overwhelming number of disconnected alerts for security teams. Our latest global risk survey found that too many alerts can lead respondents to ignore them, assuming they were false positives, or just turning them off completely.
Factoring in a cybersecurity skills shortage of 2.7 million positions and stifling pressure from new compliance requirements, it’s evident as to why cyber risk continues to increase and effective risk management can be a challenge.
“We have been thinking about how to help our customers not just protect their assets or defend against the threats we know of, but also how to help them manage the total attack surface lifecycle,” said Chen.
The solution: Trend Micro One, a unified cybersecurity platform leveraging market-leading capabilities and global threat research to help enterprises better understand, communicate, and mitigate cyber risk across their attack surface.
Trend Micro One: better attack surface risk management
The digital attack surface risk management lifecycle is composed of three fluid phases: discover, assess, and mitigate. And strong lifecycle management is achieved with a unified cybersecurity tool that provides continuous visibility and risk assessment—like Trend Micro One.
“This platform continuously monitors the expansion and change of customers’ IT infrastructure. Therefore, we can continuously update and give the full visibility of cyber assets that create your attack surface,” said Chen.
Furthermore, Trend Micro One can help assess cyber risk by “not only finding the status of the vulnerability” but measuring it against current exploits seen in the wild. It can also provide prioritized risk factors, enabling security teams to apply the right security controls or take mitigation steps based on business impact.
Your cyber risk index is calculated by the formula r=(a-s)*v
Attack exposure means how likely an attack will be launched against your infrastructure according to your industry. For example, if you’re in the financial sector, and our global threat research has identified several vulnerabilities targeting banks, your exposure will be greater.
Next, Trend Micro identifies what security controls are in place to manage attacks to determine how likely the attack will be successful. Finally, we factor in the visibility level. If visibility is low, your risk will naturally be much higher.
By continuously assessing and monitoring risk across the attack surface thanks to broad integrations and market-leading security capabilities like XDR, Trend Micro One provides fewer, but higher-quality alerts, enabling security teams to investigate and respond faster to threats.
To learn more about Trend Micro One and the benefits of a unified cybersecurity platform, check out these resources:
Read More HERE