Category Archives: Internet of Everything

Take Control at CLOUDSEC London this September

by Bharat Mistry

At a fundamental level information security is all about taking back control. It’s about reintroducing order into a chaotic and disordered world. But given the era-defining political upheaval the UK is witnessing at the moment, your average CISO could be forgiven for thinking that their job has just become even harder. Well, good security is also about resilience, and having the tenacity and will to stand firm – sometimes against the odds. But you can’t do this alone.

Trend Micro @ Infosecurity Europe: Three Must-See Presentations

by Frank Schwittay

The stage is all set for another packed-out three days when Infosecurity Europe throws open the doors to London Olympia on 7 June. The organisers are expecting over 12,000 visitors and in excess of 300 exhibitors – Trend Micro included on Stand D25. But while the show floor offers a great chance for information security professionals and other industry stakeholders to engage with the vendor community and network with each other, let’s not forget the Conference Programme.

If anything, the speaker line-up will be even bigger and better than last year. So be sure to catch Trend Micro experts – Global CTO Raimund Genes, VP Research Rik Ferguson and Senior Anti-Malware Engineer, David Sancho – as they take part.

As CES 2016 Begins, More Reasons for a ‘Bring Your Own Wearables’ Policy

by Bharat Mistry

It might only be the first week in January but already the world’s biggest technology firms are lining up to show you what they’ve been up to over the past 12 months. Wednesday will see the official opening of CES 2016 – the world’s largest consumer electronics trade show. As always, Las Vegas will provide the backdrop as we get a tantalising glimpse into the future – and like last year, much of the focus is likely to centre on the Internet of Things.

But while CES shows us what’s coming down the road, CIOs would do well to remember that smart devices are already finding their way into the enterprise in ever greater numbers. And as they start to sync and share more data than ever before, IT leaders will need to start adapting BYOD plans accordingly.

Extortion, Destruction and Lethal IoT Failures Make 2016 a Year to Watch

by Bharat Mistry

It’s been a pretty hectic 12 months, but for UK CISOs the bad news is that 2016 is unlikely to bring with it any respite. Over the past year we’ve seen a never-ending avalanche of data breaches, nation state espionage attacks and hacktivist campaigns; sophisticated new malware; and a return of some old attack techniques. And all of this against an ever more volatile regulatory compliance backdrop that threatens to turn up the pressure even more next year.

We’ll be doing our bit by continuing to protect our customers from the latest threats with innovative new products, and working with law enforcement to hit the bad guys where it hurts. But security bosses should also start planning now to overcome the key challenges Trend Micro predicts for 2016.

A year in security
Organisations on both sides of the Atlantic showed they are still ill-equipped to cope with targeted attacks and continue to make basic security errors allowing hackers to strike. Whether it was the apparently insider-related attack on infidelity site Ashley Madison or the more traditional targeted intrusions at major US healthcare firms Anthem and Premera and the massive OPM federal breach, it was no real surprise that the data breaches kept on coming in 2015. The UK had its fair share of incidents too, many of which were punished by the Information Commissioner’s Office (ICO). The TalkTalk breach turned out to be less serious than at first thought but shows that some British firms are no better at securing customer data than their global counterparts.

At a nation state level our tracking of the Pawn Storm crew’s attacks on NATO members and the White House proved it’s not just China and the US with cyber espionage capabilities. And a devastating strike which took out several TV5Monde TV channels reminded us of the real world damage that cyber attacks can inflict. It was disappointing to see the results of a new Quocirca study sponsored by Trend Micro which found that although complacency about breaches has dropped this year, 12% of the firms that said they’d been targeted didn’t know whether data had been taken or not. Some didn’t even know how much data they’d lost.

Another study we released, this time with the Ponemon Institute, warned of the threat to privacy and security from nascent IoT technologies.

Fighting back
We’ve done our best to help our customers stem the rising tide of attacks this past year, beyond providing industry-leading products which received accolades from the likes of NSS Labs (Deep Discovery), Gartner, the V3 Awards (Deep Security) and the IAIR Awards (cloud security company of the year). Deep Security’s virtual patching capabilities have helped countless businesses continue to run Windows Server 2003 beyond the deadline for end of support earlier this year. And a landmark MoU agreement with the NCA has seen our threat researchers working hand-in-hand with the crime agency on cases – already resulting in the arrest of two suspects in the UK. Those same researchers have also lifted the lid on the shadowy Deep Web cybercrime markets of Japan, China, Germany and beyond in some fantastic reports this year.

We’ve also been awarded the “EICAR trusted IT security” seal of quality for Deep Security, Deep Discovery and OfficeScan – independent proof that none of these products have been tampered with by nation states.

Trouble ahead
But unfortunately the hard work never stops. Already lined up for next year are major changes to the regulatory environment, with the European General Data Protection Regulation and Network and Information Security Directive set to be finalised. And there’s a new Safe Harbour agreement to be thrashed out with US negotiators. Organisations desperately need their own Data Protection Officers (DPOs) to handle these coming compliance requirements and co-ordinate an effective response to data security threats. Yet we predict that fewer than 50% of organisations will have one installed by the end of next year.

Our other predictions for 2016 include the following:

  • Threats will increasingly focus on extortion
  • A failure in at least one consumer-grade IoT device will prove lethal
  • Mobile malware will hit 20 million, driven by China
  • Destructive cyber attacks will increase
  • Ad blocking will kill malvertising
  • Cybercrime prevention efforts will get more successful

Check out our latest report, The Fine Line: 2016 Security Predictions, for more. And we wish you all a very happy Christmas and prosperous New Year.