Tag Archives: cybersecurity

Welcoming the government’s latest proposals for strengthening UK cyber-resilience

by Michael Power

At Trend Micro we’re on the front line in the fight against threat actors. We see every day the ingenuity and determination of these adversaries. That’s why governments must lead from the front by raising the bar of baseline security standards, especially for providers of critical services.

So we’re delighted to see new proposals for updating the UK’s Network and Information Systems (NIS) Regulations 2018 to something fit for the modern digital age.

Continue reading

After Log4Shell, how can we tackle a possible pandemic of open source exploits?

by Anthony Musk

If a week is a long time in politics, a month can sometimes feel like a lifetime in cybersecurity. Few of us working in cyber at the start of December could have predicted how the run up to Christmas would pan out. In the end, Log4Shelland the subsequent vulnerabilities found in Log4j made it several weeks of sleepless nights and anxious Zoom calls. The truth is that the logging utility is so ubiquitous, related threats will be with us for months or even years to come.

But that’s not the end of the story. Unfortunately for security professionals, their employers and customers, there’s a much wider concern. Trend Micro has been one of several authoritative voices warning of the impact of open source bugs on the security of the digital world. Unless we take action soon, Log4Shell could be the start of an extremely unwelcome trend: a cyber-pandemic fuelled by open source exploits.

Continue reading

Just how bad is the Log4j/Log4Shell vulnerability?

by Simon Walsh

Over the weekend, security teams across the globe have been racing against the clock to mitigate a newly discovered vulnerability. The bug is found in popular Apache logging system Log4j, and has been dubbed “Log4Shell”. It’s already being exploited in the wild.

Here we explain how attacks work and what your organisation should do.

Continue reading

Why best practice security starts with improved IT-business communication

by Bharat Mistry

There’s always been friction at the heart of the relationship between IT and the business. It’s particularly acute in the sphere of cyber, where the security function has long been regarded with suspicion as a block on innovation and productivity. However, the chasm between both sides has rarely been this wide. Nor have the repercussions of miscommunication and mistrust been so potentially catastrophic. A new Trend Micro study lays bare the scale of the problem, and offers some advice on how to tackle it.

To build the security-by-design culture that modern organisations need, security must be formalised, and embedded into every business process. 

Continue reading