Tag Archives: cybercrime

Channel Partner Management in a Rapidly Changing World

By Camilla Currin

When the news first came through about lockdown, my heart sank. How was I going to maintain sales engagement and momentum with partners, especially the ones I’d only recently taken on and did not know well? Navigating these personal relationships, from sales floor to boardroom, is challenging at the best of times. In many ways, the weeks and months that followed proved my initial feelings both right and wrong. 

On the one hand I was right to be nervous: the role of the Channel Account Manager (CAM) has been impacted significantly by pandemic-related events over the past few months. However, with the right approach, the right team and the right product set behind you, it is possible to pivot to success amidst unprecedented change.

Continue reading

Cloud is King: How to Navigate the Breach Landscape and Keep Customers Onside

by Gurmail Singh 

Today’s CISOs are well aware that a serious cyber-attack on their organisation is not a case of “if” but “when”. Their challenge is that the current global crisis has created new cloud security risks whilst at the same time generating new budgetary demands that might bump cyber down the corporate priority list. 

Against this backdrop, it’s vital that businesses preserve hard won corporate reputation and customer confidence through security-by-design and effective partnerships.

Continue reading

Introducing CLOUDSEC Online: A New Source of Expert Cloud Security Content

by Bharat Mistry

The past few months has seen radical changes for many employees as organisations rapidly shift to mass remote working patterns. But for information security professionals used to being an essential part of the office dynamic, the transformation has perhaps been most abrupt. A further blow has been the cancellation of industry meet-ups and events that provide much-needed networking and learning opportunities. 

That’s why we’ve launched CLOUDSEC Online, a new interactive hub hosted by Trend Micro and partners. It will be an invaluable resource for cybersecurity and IT professionals in the leadup to our sixth annual CLOUDSEC event in London later this year.

IT professionals under pressure
These have been a challenging few months for cybersecurity professionals. A recent industry survey by certifications organisation (ISC)² revealed that nearly half (47%) have at some point been taken off some or all of their typical tasks to support more pressing demands such as remote working. A further 15% said they don’t have adequate resources, while a third (34%) claimed they only have enough for the time being. In another recent poll, this time by industry body ISACA, only around half (59%) claimed their IT security team has the right tools and resources at home to do their job effectively. 

These problems come at a time when corporate users are experiencing a barrage of COVID-themed phishing emails and attempts to steal enterprise information, infect systems with ransomware, and even carry out BEC fraud. Cyber-criminals are betting on home computing endpoints that are less well protected than corporate counterparts, distracted employees, and vulnerabilities in remote access infrastructure. They may also be hoping that stretched IT security teams are struggling at home. According to ISACA, just 51% of security pros are highly confident that their teams are can detect and respond to rising threat volumes. Nearly all (92%) reported that attacks on individuals are increasing.

Why join CLOUDSEC Online?
Trend Micro’s CLOUDSEC conference has for the past five years provided industry professionals with access to fascinating presentations from world-leading experts ranging right across the cybersecurity spectrum. Short, insightful keynotes from academia, law enforcement, non-profits, enterprise CISOs and Trend Micro’s own experts provide insight into breaking threat trends, and real-world case studies from industry professionals — all packed into a single day.

Ahead of this year’s CLOUDSEC Live conference, which will be held virtually, we’ve designed a new interactive hub. It will help to connect industry professionals from across Europe with each other and a range of resources designed to inform their cloud security journey at a time of extreme challenges. 

You’ll find e-books, white papers, infographics, webinars, video interviews, solutions guides, partner success stories and much more. They cover everything from understanding more about fileless threats to hybrid cloud challenges, and seamless DevOps security to tackling cloud misconfiguration.

Whatever stage of your cloud journey you’re currently at, there’s plenty in there to help ensure that security challenges are not a roadblock on innovation. Sign up today to get instant access to a wealth of industry insight and resources.

Register here today!

The Zero Day Initiative: Working Hard to Secure the Connected World

by Jay Coley

Trend Micro’s Zero Day Initiative (ZDI) has for 15 years been promoting coordinated vulnerability disclosure through what is now the world’s largest vendor-agnostic bug bounty program. Much of this work goes on behind the scenes, with little fanfare. But it’s vital work nonetheless in helping to secure the connected world, whilst providing early protection for Trend Micro/TippingPoint customers.

A case in point was Microsoft’s silent patching of two ZDI-discovered bugs this week.

Behind the scenes
Discovered by ZDI’s Abdul-Aziz Hariri, the two vulnerabilities exist in the way that the Microsoft Windows Codecs Library handles objects in memory. If exploited, CVE-2020-1425 would allow an attacker to obtain information to further compromise a system, while CVE-2020-1457 could allow an attacker to execute arbitrary code.

It’s rare that patches are silently deployed by Microsoft like this to its customers, but that shouldn’t detract from the hard work of ZDI researchers here. In fact, ZDI was the number one external supplier of vulnerabilities to Microsoft last year, accounting for 38% of publicly discovered Microsoft flaws.

Why ZDI?
Why is this important? Because without programs like ZDI which advocate responsible disclosure, grey and black market trading of vulnerabilities would proliferate, resulting in less secure products and more exposed customers.

Vulnerability exploits are a vital pre-requisite of many cyber-attacks today. By galvanising the research community and incentivising responsible disclosure, the ZDI can help to make the digital world a safer place. Not only that, but we can also provide early protection for Trend Micro and TippingPoint customers. In this case, our customers were safe for over three months, before vendor patches were issued.