Tag Archives: cloud security

Industry report points to major cloud security challenges

by Bharat Mistry

For the past 12 years, Verizon has been publishing its Data Breach Investigations Report (DBIR). Whilst not the final word on the threat landscape, it always offers some interesting insight into current trends — this year distilled from over 32,000 analysed “incidents” and nearly 4,000 breaches worldwide. That’s why it was interesting to note the uptick in cloud-based threats stemming from external malice and insider error revealed in this year’s report.

The good news is that Trend Micro helps global organisations mitigate both types of cyber-risk; providing peace-of-mind to support employee productivity in a current climate of mass remote working.

Continue reading

HQs in the cloud: the case for security as enabler has never been stronger

By Jay Coley

Our CEO, Eva Chen, predicted recently that the Covid-19 experience will change organisations for good. This is to be largely welcomed. It will help us “fix antiquated processes” and increase remote working, which is good for staff productivity and work-life balance. One other prediction of Eva’s stuck in our minds: the idea that company headquarters in the future will be “located in the cloud”. 

In fact, organisations up and down the UK are already working this way. It is bringing with it new opportunities, as well as a host of challenges, for IT security teams. As these companies struggle to ride out the current crisis, more than at any time we can remember, the function needs to step-up as a true business enabler.

Continue reading

Celebrating more industry recognition as the cloud security leader

by Ross Baker

At Trend Micro we’ve spent the past three decades and more honing our threat protection capabilities to make the connected world a more secure place. But we also know that our company can’t work in isolation to make this happen. That’s what makes industry partnerships so crucial — and they don’t come much more important than in the cloud space, where so much business-critical data is stored these days.

That’s why we’re delighted to have just been awarded 2019 Google Cloud Technology Partner of the Year for Security. It’s testament to our ongoing leadership in the space and commitment to simplicity and close integration for optimised cloud security.

Continue reading

How to beat cloud misconfiguration: Trend Micro @ Cloud Expo Europe

By Bharat Mistry

Cloud adoption is moving pretty fast. So fast, in fact, that sometimes organisations roll-out infrastructure without being able to fully support their end of the shared responsibility model. The bad news is that the vast majority of incidents still go unnoticed. That’s a compliance timebomb waiting to go off.

Fortunately, we have an answer. At Cloud Expo Europe this month, Trend Micro’s Cloud Security Architect, Ian Heritage, will be taking to the stage to explain all.

Clouds are everywhere
There was a time not so many years ago when the public cloud was only for the early adopters. It’s safe to say we’re well beyond that point now. In fact, Gartner predicts that the public cloud services market will grow 17% in 2020 to top$266 billion, and continue on to reach nearly $355 billion by 2022. 

However, as more firms build out hybrid cloud environments from multiple vendors, complexity rises. And as it does so, in-house teams find it increasing difficult to stay on top of the multiple competing protocols, policies and platforms they must manage. Sometimes they’ll have brought in different security vendors, which can create further complexity and allows coverage gaps to appear. 

Complexity means mistakes
The end result is inevitable: mistakes get made that can leave cloud data stores unprotected. You don’t have to go far to find an example. Whether it’s an online Elasticsearch database a MongoDB instance or an AWS S3 bucket, configuration incidents have impacted defence contractors like Boeing, big-name brands like Honda, and a whole host of companies and service providers in between.

The worrying news for CISOs is that, whereas over the past few years such leaks have usually been found and responsibly disclosed by security researchers, cyber-criminals are now starting to take notice. A growing number of cases have seen hackers probe for unsecured cloud databases, steal the data and hold it to ransom. One report even suggested that Magecart hackers are getting in on the act by trying to seed malicious digital skimming code in misconfigured buckets.

A cloud misconfiguration was also technically to blame for the mega-breach at Capital One which exposed data on 100 million customers and applicants.

Trend Micro at Cloud Expo
The cost to organisations could be massive. One vendor claims that over 33 billion records were exposed in leaks due to cloud misconfigurations in 2018 and 2019.

Fortunately, Trend Micro’s Cloud Conformity offers a solution: a cloud security posture management (CSPM) platform providing continuous monitoring, alerts and remediation of AWS and Azure environments. It will flag when configuration errors have been made and offer simple steps to get you back on track, all from a single pane of glass.

Join our Cloud Security Architect, Ian Heritage, at Cloud Expo Europe this month to hear how you can tackle the challenge of cloud misconfiguration, and in so doing drive DevOps and business growth. 

What: Cloud Misconfiguration Causes Breaches—How to Avoid it: Ian Heritage, Cloud Security Architect, Trend Micro. At Cloud Expo Europe.
Where: ExCel London, Keynote Theatre
When: Thursday, 12 March, 2020. 11.10-11.30