by Jamie Holmes
Trend Micro blocked over 94 billion cyber-threats last year, a double-digit increase over 2020. But not everyone has the benefit of our threat detection technologies. And increasingly, bad actors are finding ways to infiltrate corporate networks without even using malware. That’s made detection and response a critical function for security operations (SecOps) teams. But many organisations are struggling with skills shortages, funding challenges and under-powered technology.
The bottom line is that when it comes to SecOps, the best choice is increasingly to outsource to the experts.
by Bharat Mistry
Humans are addicted to stories. But sometimes the stories we tell are overly simplistic. In cybersecurity, a recurring narrative is one of C-suite executives perpetually at odds with IT leaders. They’re disinterested in what the security team does, and release funds begrudgingly and often reactively once a serious incident has occurred. This leads to mounting cyber risk, and an increasing likelihood that the organisation will suffer serious reputational and financial damage stemming from future incidents—or so the story goes.
In reality, things are more nuanced, as new Trend Micro research reveals. And they’re far from beyond the point of repair. But closer IT-board engagement is a must if these organisations are to avoid the mistakes of the past and build a security-by-design culture that permeates enterprise-wide.
Digital means risk
We all know the story of the past two years. Mass digital investments in SaaS collaboration suites, cloud infrastructure and other tools helped to keep organisations operational when they needed it most. The money continues to flow today, as those same companies realise they must keep on pumping funds into digital to stay competitive amidst rising customer expectations. Gartner predicted public cloud spending growth would hit 23% year-on-year in 2021 and increase 20% this year to top $397bn.
From a cybersecurity perspective, these business decisions are loaded with risk if protections are not built into projects from the start. Our recent global poll revealed that of 90% of business and IT decision makers are concerned about the impact of ransomware. It also found generally poor levels of cyber-awareness among board members. Less than half (46%) of respondents claimed concepts like “cyber risk” and “cyber risk management” were known extensively in their organisation.
The landscape is changing fast
Yet things are not as bad as they seem at first glance. The largest group of organizations (42%) claimed they spend most funds on tackling cyber-attacks, rather than the usual business suspects of digital transformation (36%) and workforce transformation (27%). Half claimed they’d recently invested in mitigating the risk of ransomware attacks and breaches.
by Olivia Edwards
The COVID-19 pandemic has made us all online shoppers. But the rest of the decade will see innovation on a far greater scale and across all channels. That’s going to be great for shoppers. And it will offer retailers previously untapped opportunities to drive operational efficiencies, improve the reliability of supply chains and optimise the customer experience. But while greater profits and burnished brand reputation await, so does cyber risk.
No single vendor will hold the answers, but by anticipating what retail might look like in 2030, organisations can at least get a head start on planning for the future.
by Anthony Musk
If a week is a long time in politics, a month can sometimes feel like a lifetime in cybersecurity. Few of us working in cyber at the start of December could have predicted how the run up to Christmas would pan out. In the end, Log4Shelland the subsequent vulnerabilities found in Log4j made it several weeks of sleepless nights and anxious Zoom calls. The truth is that the logging utility is so ubiquitous, related threats will be with us for months or even years to come.
But that’s not the end of the story. Unfortunately for security professionals, their employers and customers, there’s a much wider concern. Trend Micro has been one of several authoritative voices warning of the impact of open source bugs on the security of the digital world. Unless we take action soon, Log4Shell could be the start of an extremely unwelcome trend: a cyber-pandemic fuelled by open source exploits.