Category Archives: Data protection

Head and Shoulders Above the Rest in Endpoint Security as a Gartner Magic Quadrant Leader

by Bharat Mistry

We’re only in the second month of the year and already the threats are coming thick and fast. Just in the past week we’ve heard of a major breach at two popular gaming forums and a ransomware attack which crippled the police CCTV camera network in the US capital. This tells us that the endpoint, frequently the first target in such attacks, must be better protected as we head through 2017. But it can be hard to cut through the marketing hype in such a crowded marketplace.

That’s why Trend Micro is delighted to have been placed highest and furthest in the Leaders quadrant in Gartner’s 2017 Magic Quadrant for Endpoint Protection Platforms (EPP).

Securing the Cloud and Driving Digital Transformation with BT

Guest blog by Ian Humphreys

Increasing numbers of UK firms are looking to harness the power of Infrastructure-as-a-Service (IaaS) cloud providers and integrators to improve agility, cut hardware expenditure and take advantage of improved scalability. The same is happening all over the world. In fact, an IDC survey of over 6,000 IT organisations last year revealed that nearly two-thirds are already using or planning to use public cloud IaaS by the end of 2016. Security has always been a major barrier to such adoption plans, with many organisations unaware of just how much responsibility for this they must take in an IaaS set-up.

That’s why Trend Micro last week announced a major new partnership with BT which will see our flagship Deep Security platform offered to all BT Cloud Compute customers. It will help organisations meet their shared cloud responsibilities with one of the most comprehensive security solutions around.

Pros and cons
The benefits of cloud IaaS are undeniable. It’s being seen in an increasing range of use cases including website hosting; proof-of-concept testing; adding extra capacity at peak times; batch computing and much more. But there are risks. Cybercriminals are becoming increasingly adept at exploiting any gaps organisations might leave in their cloud infrastructure to go after sensitive customer data and IP. The shared resources of a multi-tenant environment may raise fears of inter-VM attacks, for example. And unpatched systems continue to represent a major risk.

Yet many struggle because they’re running IaaS in a hybrid cloud environment, but aren’t able to consolidate their security across physical, virtual and cloud. This can create management headaches for IT and even lead to further security gaps for the black hats to exploit. Performance issues may also occur if their security hasn’t been designed with cloud infrastructure in mind.

Protecting the ecosystem
Cloud IaaS may be owned, built and managed by the provider, but as a rough rule of thumb everything above the hypervisor is the responsibility of the customer. Fortunately for BT Cloud Compute customers, our award-winning Deep Security platform is now available to secure their cloud workloads.

Deep Security is one of the most comprehensive cloud security products on the market, including:

Anti-malware: protects cloud servers
Web reputation: blocks access to malicious URLs
Intrusion prevention: vulnerability shielding protects servers and apps from any known and zero-day threats
Stateful firewall: decreases attack surface by ensuring only pre-approved ports, protocols and IP addresses access VMs
File and system integrity monitoring: helps spot covert targeted attacks by detecting suspicious changes to files, directories, registry keys etc.
Log inspection: collects OS and app logs to detect suspicious behaviour and support compliance efforts

What’s more, Deep Security runs across physical, virtual and cloud servers, minimising operational costs and ensuring all policies are centrally managed. It’s also been designed in close co-operation with some of the world’s biggest cloud providers for tight integration and high performance.

The major DDoS outage at DNS firm Dyn last year reminded us of the potential disruption to the cloud ‘ecosystem’ that can occur when a provider high up the stack is compromised. This new partnership will therefore benefit BT’s direct customers, helping them to drive digital transformation and profits while staying secure. But it will also have the knock-on effect of ensuring maximum uptime and security for any customers of theirs accessing their services via the cloud: a win-win all round.

 

Trend Micro TippingPoint® Named a Leader in 2017 Gartner Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS)

Guest blog by Elisa Lippincott

Trend Micro TippingPoint has been named a Leader in the Gartner 2017 Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS). With improvements in both Completeness of Vision and Ability to Execute from previous years, we believe that placement in the Leaders’ quadrant illustrates the positive progress we’ve made since the acquisition of TippingPoint in March 2016 from Hewlett Packard Enterprise.

What sets Trend Micro TippingPoint apart
Trend Micro TippingPoint Next-Generation Intrusion Prevention System (NGIPS) offers in-line comprehensive threat protection against advanced and evasive targeted attacks across data centers and distributed enterprise networks. It offers in-depth analysis of network traffic for comprehensive contextual awareness, visibility and agility necessary to keep pace with today’s dynamic threat landscape. Powered by security intelligence from TippingPoint Digital Vaccine® Labs (DVLabs) and the Zero Day Initiative vulnerability bounty program, the TippingPoint NGIPS provides accurate, preemptive threat prevention in real-time without affecting network performance. 

Earlier this year, we announced our first-to-market standalone NGIPS that delivers up to 100 Gbps inspection throughput with low latency. The TippingPoint 7600NX was designed for data centers and enterprise networks with high performance requirements that need a security solution that can easily scale to meet traffic demands.

With our Enterprise Vulnerability Remediation (eVR) capability, customers can pull in third-party vulnerability scanning data, map CVEs to TippingPoint Digital Vaccine® filters and take immediate action based on the enhanced threat intelligence to increase their security coverage. This powerful tool reduces administration time, increases security coverage, reduces unnecessary notifications, and provides a big picture view into an organization’s overall security posture.

ThreatLinQ is an easy-to-use, real-time threat intelligence console that allows customers to evaluate the changing threat landscape and make informed decisions to enhance their network security posture. Customers can access real-time threat intelligence, review Digital Vaccine filter details, and fine-tune their TippingPoint protection profiles.

We deliver Integrated Advanced Threat Prevention that provides enterprises:

Pre-emptive Threat Prevention: Inspect and block inbound, outbound and lateral network traffic in real-time to protect against known, unknown, and undisclosed vulnerabilities.

Threat Insight and Prioritization: Gain insight and context with complete visibility across the network to measure and drive vulnerability threat prioritization.

Real-Time Enforcement and Remediation: Defend the network from the edge to the data center to the cloud with real-time, inline enforcement and automated remediation of vulnerable systems. 

Operational Simplicity: Simplify security operations with flexible deployment options that are easy to set up and manage through a centralized management interface with recommended settings that provide immediate and ongoing threat protection.


Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.


 

It’s Time to Up Cyber Maturity Levels in 2017 – Starting with the Endpoint

by Bharat Mistry

As we close out another eventful year one thing is patently obvious: cyber threats have never represented a bigger risk to firms. Data and security breaches recently revealed at the likes of PayAsUGym, Ryanair, Lynda.com, KFC and more have all provided a timely festive reminder to CISOs of the value of multi-layered threat defence. More concerning still are new stats suggesting UK firms continue to operate with lower levels of security maturity than their US counterparts.

A good way to start the new year would surely be to consider how your organization can be smarter about security in 2017. And that means taking a look first at the endpoint.

Another year of breaches
Even before the catastrophic breaches at Yahoo, which may have affected over 1.5 billion accounts, were revealed, this was already shaping up to be another epic year for the black hats. Perhaps most worrying from the stream of breach incidents we’ve all read about in the news over the past 12 months is the fact that organisations are still making the same old mistakes.

Newly released data from UK-based insurer CFC Underwriting makes for particularly uncomfortable reading. It reveals that the firm handled more than 400 claims on cyber breach policies this year – with the main categories being privacy breaches (31%), financial loss (22%) and ransomware (16%). Now, we don’t have mandatory breach reporting laws in the UK – not until the European GDPR comes into force in 2018, at least. So this is an interesting reminder that, while we might not always hear about them, security incidents are happening – and affecting UK firms every day.

More concerning still is that UK firms apparently represent 8% of the insurer’s policy count, but 17% of its claims count. Why does the UK have a disproportionately high volume of claims? CFC reckons it is because of the low cybersecurity maturity of these organisations.

Start with the endpoint
A comprehensive approach to cybersecurity of course requires multiple layers of protection including web and email gateways, networks and servers – not forgetting the vital “people” and “policy” elements. But many of the attacks which have led to damaging breaches over the past year started at the endpoint – the initial incursion point into the corporate network. We therefore need to start our efforts by better protecting this layer of infrastructure – but it’s not easy given the explosion in endpoints facilitated by cloud, mobile and IoT technologies.

Trend Micro’s answer is XGen: a cross-generational approach reliant on multiple layers of protection. None of these are a silver bullet on their own. But together they can form a formidable defence against the vast majority of known and unknown threats.

It should feature signature and non-signature based tools, including behavioural based filters, app control, exploit prevention and machine learning. The latter has been used for years by Trend Micro. But in this context we’ve made it even more effective at stopping threats by designing capabilities which extract and analyse a suspect file’s characteristics before and during its execution. This helps to reduce false positives and improve accuracy.

Endpoint compromise can play a vital role early on in the cyber kill chain. As we head into 2017, don’t underestimate the importance of gaining visibility and control at this layer. With huge regulatory pressure coming from Europe in 2018, no CISO can afford to ignore it.