Category Archives: Cyberthreat

Big in Japan: Our Winning Channel Partners Head to the Far East

By James Munroe

As a committed channel business we’re always looking for new ways to engage and excite our partners, drive new sales and generate pipeline. So it was last year that Trend Micro developed a unique UK partner incentive programme: Go Big in Japan. Tapping into our heritage as a Japanese-headquartered business, the initiative has exceeded all our expectations, generating new customers, and an uptake in partner training and millions in new deals.

We’d like to thank everyone that took part, but especially the lucky 13 winners we announced at a special party in London’s swish Aqua Kyoto bar last week. We’re sending them on the trip of a lifetime to the Land of the Rising Sun.

Going big
Go Big in Japan was a partner incentive programme like no other. Aimed mainly at our managed channel partners, it featured bold, imaginative and fun branding to grab the attention. Floor days at each partner’s site introduced the programme with fun Japanese-themed activities capturing the imagination.

We extended the opportunity to take part out to all levels of sales staff as well as those outside of sales roles within our partner community. They were able to earn points by taking part in/completing specific activities, including:

• Multiple closed deals
• Training and enablement
• Creating proof-of-concept demos with customers
• Creating net new customers for Trend Micro
• Upselling customers from one solution to two, and from two to three
• Going above and beyond for Trend Micro

Heading East
The top points scorers across the community were invited to a special party night last week in Aqua Kyoto. From these, 13 participants won, 10 sales, based on the highest points scored, 2 wild card winners from both Technical and Marketing backgrounds who truly have gone above and beyond and the final place was a draw based win. Congratulations go to:
Tom Jolly & Ollie Lee – Phoenix
Ian Broadbent – SBL
Mark Hughes – SITs
Rob Finney & Megan Horton – Secon
Debbie Allen – Bytes
Conor Riordan, Lewis Wilder & Tyler Furne – Softcat
John Sajjadi – E92
Chyna Vincent – MTI
Nick Carter – ITB

Even better, the programme has exceeded all expectations, enabling Trend Micro to build fantastic relationships with partner organisations, generate greater mindshare and drive new business.

A win-win for the channel
Go Big in Japan generated over £4.6m in closed deals, smashing our target of £1.5m. With 60 of the 90+ sales people who took part closed revenue, with 16 of them exceeding the minimum close amount. The programme gave a boost to partner training, with an increased number of partners taking our Sales Essentials courses. Things are also looking good for the future, with Trend Micro delivering a large number of POCs and gaining 20 new customers via the programme.

We’re delighted with the way things have gone. Go Big in Japan shows what we can achieve with a little imagination and the commitment and determination of a talented group of partners. It’s delivered significant incremental sales to some participating partners while helping Trend Micro cement the relationships which make all the difference when it comes to channel success. We were even awarded Marketing Incentive Campaign of the Year at a year-end sales event by Saepio.

The next challenge will be thinking up something to top this.

New European IoT Security Standard is a Great Start

By Ian Heritage

At Trend Micro we spend a great deal of time working on ways to secure the Internet of Things (IoT) more effectively. But one of the challenges facing us is that smart products are being produced on an ever-increasing scale with little care paid to security or privacy. In short, market forces have failed to improve standards as time-to-market and usability continues to trump security. That’s why it’s great to see the publication of a new globally applicable European standard this week designed to improve baseline security in the industry.

Now comes the hard part: getting manufacturers around the world to adopt it, and consumers to start seeking out compliant products.

A landmark proposal
The new standard comes from the European Telecommunications Standards Institute (ETSI), after a UK proposal based on its own code of conduct published in October 2018. The UK has also shown leadership in this space after a British Standards Institution (BSI) kitemark was announced back in May 2018.

ETSI TS 103 645 has been described as a “landmark specification for consumers and industry alike”. It features a whole host of requirements which will please security advocates no end. These include:

• No universal default passwords
• Software update mechanisms
• Vulnerability reporting mechanisms
• Secure storage of credentials and sensitive data
• Secure communications
• Minimised attack surfaces
• Easy installation and maintenance

In particular, removing the option for default passwords will help mitigate the threat of Mirai-like attacks which search for these exposed credentials on the internet before conscripting devices into botnets. Vulnerability and software update systems are also an important requirement as these are often lacking in IoT manufacturers — especially those that don’t hail from an IT-centric background.

Why it’s important
These may be consumer devices, but they still matter to corporate security, for several reasons:
1) In some cases, organisations may buy in consumer-grade devices like smart TVs for the boardroom, or smart kettles, fridges and toasters for staff kitchens. Yet these can unwittingly open the digital back door for hackers to sneak into the corporate network.
2) Unsecured smart home devices like routers, security cameras, and DVRs can be attacked and conscripted into botnets to launch DDoS and data stealing attacks on organisations, commit click fraud, mine crypto-currency and more. Trend Micro’s 2019 predictions report warned of a new “IoT worm war” using these techniques.
3) Smart home devices can also represent a serious threat to organisations via their home workers. Vulnerable smart speakers and other gadgets could be hacked to provide attackers with a stepping stone into corporate networks.

What next?
The standard offers a clear framework for manufacturers to improve the security of their products and in so doing appeal to increasingly security-minded consumers. But to be successful, it will need to get a critical mass of IoT producers on board, and to publicise itself effectively to customers.
Securing consumer-grade IoT kit is also only one of the broader security challenges facing the industry. Organisations are also exposed via the convergence of IT and OT systems in industries like manufacturing and construction. Legacy operating systems, problems with patching, insecure protocols, limited authentication and other issues present serious cyber risks to these firms.

That’s why Trend Micro is collaborating with telcos, IoT device makers, technology multi-nationals and other stakeholders to secure the connected world. Our offerings stretch from the datacentre (Deep Security) to the network (Tipping Point appliances and Deep Discovery) to carrier environments (Virtual Network Function Suite), and IIoT systems (Safe Lock). That’s why we welcome the new ETSI standard, but also caution that this is just the beginning in a long journey to improve IoT security.

 

Safer Internet Day: working together for a better internet

by Ian Heritage

Last week Facebook and Google hit the headlines yet again for the wrong reasons after they were found to have bypassed Apple’s strict approvals process to distribute data harvesting apps to users. In Facebook’s case, the firm paid users as young as 13 in return for downloading the market research app. Critics claim it was less than open about the privacy-invading purposes of the app, and that its parental consent ‘checks’ could be easily faked.

It has all served as a timely reminder of the privacy and security risks families are exposed to on a regular basis today, as we celebrate Safer Internet Day (SID) around the world tomorrow, on the 5th February. Continue reading

New year, same old threats? What to expect in 2019

by Bharat Mistry

It’s that time of the year again when we look to the future to arm cybersecurity professionals with a few predictions of what might head their way in 2019. But the truth is that there’s little in store that they’ve not seen already. In fact, the defining threat trends of the coming year may well be those that have plagued organisations for the past decade: vulnerabilities, stolen credentials and social engineering.

The best way to equip your organisation against these going forward is to follow best practices, layer up defences across the IT infrastructure and improve user awareness programmes. Continue reading