Story image

Trend Micro’s four pillars of cybersecurity strategy

11 Oct 2018

Article by Trend Micro Asia Pacific, Middle East and Africa (AMEA) vice president Dhanya Thakkar

As digital transformation picks up the pace, so too does the evolution of cybersecurity risks to those increasingly digital institutions.

Gone are the days when cyber attacks were amateurish probes into unsecured systems; in fact, serious cyber attacks on Australian businesses have almost doubled since last year.

The threats may be greater than ever, but there are steps that businesses can and should take to protect their data systems – and the privacy of their customers.

There are four pillars that should prop up every company’s cybersecurity strategy, and guide its implementation throughout any organisation.

Prediction: Staying a few steps ahead

Aircraft pilots, particularly those flying at night, can often fall victim to what’s called the false horizon effect.

They mistakenly think a series of lights in the distance as the horizon, become disoriented and endanger their passengers – if not for the aviation instruments that tell them otherwise.

Similarly, the enterprise security cloud can act as the instrumentation for companies looking to combat cybersecurity.

The level of visibility and connectivity of the cloud allows it to pool various shapes of data from across a business, and channel this data to AI components to detect patterns and predict possible future outcomes.

Through this level of predictive analysis, businesses can better assess risk, anticipate threats and be more informed in their decisions, making prediction a necessary pre-emptive component to any business’ security strategy.

Prevention: It’s better than cure

Research shows that the global average cost of a security breach to an organisation is almost US$4 million, meaning hackers and cyber attackers continue to follow the money and hit businesses where it hurts the most.

But two strategies can help prevent unwarranted attacks: system hardening to eliminate the number of entry points accessible by outsiders, and network isolation to ensure that a compromise in one sector will not affect the entire ecosystem.

On top of that, an analytics-driven system run on the cloud should be able to detect threats on the fly and engage automated real-time protection, fending off attacks before they penetrate even the first layer of defences.

Prevention may seem difficult but will ultimately pay off as businesses come under pressure to stay resilient and protect their networks.

Detection: Powered by artificial intelligence

For many businesses, the time between when a breach happens and when they detect it is way too long, but employing teams to constantly comb networks to detect intrusions is a costly and timely affair.

Automated cloud solutions leverage constant monitoring, analytics, and AI algorithms to watch networks and workloads across multiple cloud or hybrid cloud systems, detecting anomalies and attacks even as they happen.

Not only is detection faster and more accurate, but such security platforms also score the riskiness of user behaviours across the network and alert teams to any potential breach.

This reduces time to detection, allows teams to confirm and prioritise threats, and provides the means for more accurate containment – resulting in stronger risk management throughout the business.  

Response: Swift, effective and AI-supported

But more than anything, businesses need to ensure that they have policies in place that prioritise the execution of their cybersecurity strategies, and processes to address weaknesses within and without after an attempted attack.

The best method to combat cybersecurity, at the end of the day, is still awareness, and businesses must make it a priority to educate and remediate flaws within departments, parties and networks within their organisation – or remain hampered in their ability to protect their networks.

As more and more data points and networks of businesses are connected digitally to the cloud, the effort it puts into prediction, prevention, detection and response to cyber attacks will ultimately determine its effectiveness of combating today’s digital menaces.

Five things MSPs need to keep in mind in 2019
A Datto APAC channel exec outlines the most important factors for MSP to being paying attention to in the coming year.
Survey: IT pros nostalgic over on-prem data centre visibility
There are significant security and monitoring challenges faced by IT staff responsible for managing public and private cloud deployments.
61% of CIOs believe employees leak data maliciously
Egress conducted a survey to examine the root causes of employee-driven data breaches, their frequency, and impact.
Opinion: BYOD can be secure with the right measures
Companies that embrace BYOD are giving employees more freedom to work remotely, resulting in increased productivity, cost savings, and talent retention.
Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Nozomi and RIoT to deliver advanced ICS security solutions to Australia
''As a specialised integrator of robust and resilient ICT and IoT solutions within Australia, we are delighted to be partnering with Nozomi Networks."
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.