Tag Archives: cloud security

Securing our cloud-connected world in 2020

Leave a reply

By Ross Baker

It’s been a tough year for CISOs. The past 12 months has seen another spike in data breaches, cloud misconfigurations, and security threats at a DevOps layer. Ransomware is up, filelessmalware is on the rise, and business email compromise continues to increase. Trend Micro alone blocked over  26.8 billion unique threats in the first half of the year. With no let-up in store for 2020, cybersecurity leaders need to ensure they work with trusted partners — vendors with a clear vision of the future.

Continue reading

Flying High in the Hybrid Cloud with More “Market Leader” Analyst Recognition

Leave a reply

by Bharat Mistry

Modern organisations are laser-focused on business agility and the customer experience. To help them respond quicker to changing market demands they are turning to the hybrid cloud and DevOps. But this kind of innovation-centric digital growth can only be achieved with a strong and secure foundation. Trend Micro was one of the first to spot this emerging trend a decade ago, and today we’re recognised as the market leader.

In fact, we’re celebrating again, having just been named the “dominant leader” in IDC’s latest report, Worldwide Software Defined Compute Workload Security Market Shares, 2018

Why SDC workloads matter
As the IDC report explains, software-defined compute (SDC) covers a large number of abstraction technologies across the system software stack. Although technically a subset of endpoint security, SDC workload security is primarily designed to protect VMs, containers and cloud system software — and as such is commonly used in the context of cloud environments. Tools in this category can include things like anti-malware, firewall, host intrusion detection, application control and integrity monitoring.

Why does this matter? Because increasingly the cloud, and therefore VMs and containers, is being used to develop and support the microservices-based applications needed to drive faster, more responsive customer-facing experiences. But as we predict in our new report, The New Norm, these environments are set to come under much greater scrutiny by hackers over the coming decade. Cloud platforms are particularly at risk from code injection attacks, either directly or via third-party libraries, while containers and serverless architectures could be exploited because they contain vulnerable shared code components.

This poses an existential threat to modern businesses. If your cloud systems and apps get hacked, digital growth efforts could be halted in their tracks.

A long journey
Trend Micro’s share of the SDC workload security market now stands at over two-fifths, nearly triple its nearest competitor, according to IDC. That’s due in part to our vision in this space. Back in 2009 we acquired a little-known host-based intrusion-prevention and firewall software provider called Third Brigade. It was the start of a long journey, as we steadily built out our capabilities for virtual, hybrid cloud and container environments.

Today we offer comprehensive security across physical, virtual and hybrid cloud environments from a single pane of glass with tight integration into AWS, Azure and GCP. Trend Micro has also focused on automation and security-as-code to embed seamless protection into DevOps pipelines, including pre-runtime scanning of container images.

Most recently, we released XDR, which correlates data across email, network, endpoint, server and cloud workloads to spot and block malicious workload activity. And we bought leading cloud security posture management firm Cloud Conformity to tackle misconfiguration and compliance/governance challenges.

All of these capabilities and more will soon be offered as part of a holistic Cloud One solution that allows organisations to receive automated protection from a single console — minimising risk, management overheads and billing issues. Trend Micro is always looking one step ahead to provide protection where you need it.

Tackling risk in a multi- and hybrid cloud world

Leave a reply

by Bharat Mistry

Cloud computing sits front-and-centre of most organisations’ growth plans today. The sheer scalability and cost efficiencies that can be wrung out of on-demand compute services helpfirms to do more with less, respond with greater agility to meet market demands, support seamless DevOps processes, and run a leaner, greener business. It’s no surprise that the public IaaS market grew over 31% in 2018 to top $32 billion.

Yet cybersecurity is a perennial barrier to cloud success, and it’s getting harder as cloud deployments grow in scale and complexity. Put simply, organisations can no longer handle their cloud security needs with a collection of point products. They need a simple, unified platform for maximum visibility and control.

Fragmented and risky
The macro trend points to increased cloud adoption as digital transformation efforts taking hold across a range of verticals. But peer closer and the picture is much more nuanced. In reality, there are many different flavours of cloud adoption. No two organisations are alike and running the same kind of IT infrastructure. Legacy servers may sit alongside virtualised infrastructure and/or public cloud deployments. Then there are fast-emerging services like containers and serverless. Some organisations may be investing in multiple platforms from different providers, ramping the complexity up even further.

In dynamic hybrid and multi-cloud environments like these, CISOs need to ensure that workloads are protected wherever they are. At the same time, hackers are increasingly focusing their efforts on exploiting vulnerabilities in containers and the third-party code that is shared and reused in the developer community to accelerate DevOps. Then there’s the challengeof human error, with misconfiguration of cloud architecture a major risk.

The impact of security breaches could be catastrophic, leading to data theft, ransomware, and other cyber-threats that could undermine brand value and damage the bottom line.

Trend Micro unifies cloud security
Up until now, organisations have had no choice but to keep running multiple point products to secure various parts of their hybrid cloud infrastructure. But it doesn’t have to be this complicated. 

Cloud One from Trend Micro brings together the world’s leading workload security service and container image scanning/runtime protection with brand-new offerings for application security, network security, file storage security and cloud security posture management (CSPM). The latter comes from Trend Micro’s recent acquisition of Cloud Conformity – delivering a product designed to mitigate misconfiguration mistakes and enhance security compliance and governance in the cloud.

Whatever stage your cloud journey is at, you’ll get simplified, automated protection delivered from a single console, with single-sign on, common user and cloud-service enrolment, and a common pricing and billing model.

Available from Q1 2020, Cloud One will cover:• Trend Micro™ Cloud One – Workload Security• Cloud One – Container Image Security• Cloud One – File Storage Security• Cloud One – Network Security• Cloud One – Cloud Posture Management• Cloud One – Application Security

To find out more, please visit https://www.trendmicro.com/en_us/business/campaigns/cloud-one-services.html

Five Things We Learned at VMWorld Europe

Leave a reply

by Matt Poulton

It’s been a fantastic few days in sunny Barcelona where the Trend Micro team made the most of VMWorld Europe. It always offers a great opportunity to talk to customers, partners and prospects and this year was no different. On the event’s last day today, we reflect on some insight into what’s working, and where organisations feel there are still challenges to address.

A big thanks goes to all those hardy souls who manned the Trend Micro stand from morning till early evening, delivering over 130 demoes in eight languages on just the first day, as well as our spokespeople who spent countless hours talking to the press and presenting the Trend Micro vision to keynote attendees. Continue reading