Tag Archives: London

CLOUDSEC UK 2016: Trend Micro Research Highlights Importance of GDPR Compliance

by Simon Edwards

If there’s one word that perfectly sums up the past few weeks, it’s: “uncertainty”. Many IT bosses have been left unsure by many things following the referendum result – not least whether they should continue efforts to comply with the European General Data Protection Regulation (GDPR) or assume this is no longer necessary. New Trend Micro research has reaffirmed that compliance is the way to go. Why? Because it reveals a British public fed up with data breaches and increasingly aware of the value of their own data and how it’s used.

If you want to find out more on this and other key security issues and trends of the moment, come down to our annual CLOUDSEC event in London on the 6th of September. Continue reading

Promoting the Layered Defence Response to Ransomware at the Cyber Security Summit

by Simon Edwards

It’s hard to avoid stories warning of the growing ransomware epidemic these days. Yet some IT security leaders are still being caught off-guard. It emerged last week, for example, that an astonishing 30% of councils in England had been hit by a ransomware attack last year. And one suffered an incredible 13 attacks in just 12 months. There’s clearly a need for industry leaders both to raise awareness of the issue and promote a strategy to mitigate the worst effects of this near-ubiquitous threat.

That’s why Trend Micro will be promoting its layered protection message at the Cyber Security Summit in London tomorrow, Wednesday 22nd June 2016. While it can lead to serious repercussions, ransomware can be stopped if organisations follow some basic security best practices and a policy of defence-in-depth.

A bad start to 2016
Ransomware has snowballed in popularity over the past 12-24 months, mainly because cybercriminals have realised it’s a relatively cheap and easy way of making money. Why bother investing time and money in more complex scams if you can force organisations into paying up by simply encrypting their most important data, so it is effectively unusable? It’s a strategy that has reaped huge financial rewards. The FBI reckons ransomware netted the black hats $209 million in the first three months of 2016 alone.

Once infected, many organisations feel they have little choice but to pay up – although there are decryption tools available for some variants, from Trend Micro and other providers. With mission critical data made unavailable, staff productivity grinds to a halt and essential services are disrupted. There’s not only the financial hit of the ‘fee’ for the decryption key to consider, but the money lost in downtime, damaged reputation and even potential legal costs down the line.

Fighting back
The best way to hit back against ransomware is to take preventative steps to avoid ever getting infected. The key to this is a layered approach to security which stops the malware at every possible infection point. This is important as cybercriminals increasingly look beyond targeting users via web and email channels to other parts of the IT infrastructure including the network and servers. We’re also starting to see ransomware bundled with other capabilities – for example, CryptXXX was updated to include data stealing functionality.

Trend Micro recommends IT security managers look at installing security at these layers:

Web and email gateway: Lock down 99% of ransomware threats with protection at this layer to prevent your employees ever being exposed to malicious attachments, URLs etc…

Endpoint: Combine the above with endpoint security with vulnerability shielding, behavioural monitoring, app whitelisting and more

Network: Visibility is key to protecting against ransomware, and could even help stop a broader attack where ransomware is only one element. Ensure you can scan across all network traffic, ports and protocols, and implement advanced sandbox analysis

Server: Virtual patching at this layer will shield server from exploits of software flaws that could be used to inject ransomware

Trend Micro Global CTO Raimund Genes will be on hand at the Cyber Security Summit in London on Wednesday to share these and more tips on how to stay safe from one of 2016’s biggest security threats.

He’ll also explain how basics steps like network segmentation, regular data back-ups, user education, effective patch management and more can help to lock risk down even further. There’ll be other Trend Micro experts at the show on hand to discuss how we can help insulate your organisation from attack by offering industry-leading solutions at every layer of the security stack.

So come down to the show and look out for our stand.

Where: Cyber Security Summit, ETC Venues, 43/44 Crutched Friars, London
When: 22/06/2016; Raimund’s speaking slot at 11.40-12.20

Expect the Unexpected as CLOUDSEC Conference Comes to London Next Week

by Raimund Genes

Knowledge is power. Nowhere is this frequently over-used expression more relevant than in the information security industry. After all, how can security managers begin to plan effective cyber defences if they don’t fully understand the ever-evolving threat landscape? At the very least, they need to cast the net as wide as possible to take advantage of a broad range of industry expertise. Documents and articles from commercial vendors, non-profits, academics and others can certainly be a useful source of information. So can threat data generated from specific security tools and systems. But so can trade shows and industry events.

That’s why we’re bringing our popular APAC security conference CLOUDSEC to London for the first time. Held next week Thursday, 17th September, it’ll be a fantastic place to network with fellow IT professionals, share experience and best practice, and hear from a range of industry experts on the latest cyber security trends. Continue reading

Sharing the latest in Global Threat Trends with CLOUDSEC

by Ross Baker

Over the past quarter of a century and more Trend Micro has been protecting individuals and organisations around the world from everything the black hats can throw at us. Over that time we’ve come to appreciate that the value we bring is not just in our global threat analyst teams; our award-winning products for endpoint, virtual, cloud and physical security; or our pioneering Smart Protection Network. It’s also in the alliances we form – from law enforcement to academia, to our peers in the security research community.

That’s why we’ve been hosting the CLOUDSEC security conference since 2011. It’s an event that brings together some of cyber security’s foremost practitioners and speakers to share best practices, and the latest industry trends. For the first time ever, it’s coming to London on the 17th September.

Threats, threats, threats
CLOUDSEC covers many of the hottest topics in cyber security today, including targeted attacks, data protection and privacy; Internet of Everything; cloud and virtual security; and critical national infrastructure threats. But cyber security is nothing without context, so attention is always paid to make sessions as relevant as possible.

Even just a cursory look at the IT security headlines over the past week or two will show you why CLOUDSEC is as relevant today as it was four years ago. There have been reports of major vulnerabilities in so-called “smart watches” – potentially increasing the cyber risk surface for organisations already struggling to manage BYOD. Then there was a damaging cyber attack against the US Census Bureau, for which activist group Anonymous claimed responsibility.

But perhaps the most widely reported breach of recent weeks was that hitting the parent company of infidelity site Ashley Madison. Reports are still emerging as to what happened, but attackers The Impact Group claim they have access to highly sensitive data on 37 million customers globally. If nothing else, the incident can tell us much about the limits of online data privacy in the 21st century, and the level of risk facing online businesses which store customer data.

What to expect
In fact, Communicating Cyber Risk to the Business is one of the sessions slated for CLOUDSEC in London in September, along with other presentations on cyber activism, organised crime, incident response and the Internet of Everything.

Expect a raft of world-renowned experts including Andy Archibald, head of the NCA’s National Cyber Crime Unit; PwC Legal’s global head of cyber security and data protection, Stewart Room; and FBI cyber task force supervisory special agent, Timothy Wallach. Also on hand, of course, will be our very own Trend Micro CTO Raimund Genes, and VP security research, Rik Ferguson.

We all know cyber security is a never-ending learning curve for IT professionals – so if you’re nearby on Thursday, 17 September, come down to CLOUDSEC in London to take another step on that journey.

More info: http://www.cloudsec.com/uk
Twitter: Follow @TrendMicroUK #CLOUDSEC2015