Trend Micro highlights the threats and opportunities of AI

Cyber security specialist Trend Micro is closing out a global and regional round of briefings for customers and resellers and it appears both groups are facing many of the same challenges.

“Resellers are saying their challenges are not that far away from those of their customers,” Andrew Philp, Trend Micro’s A/NZ director of platform strategy, told Reseller News at the end of the regional tour.

“They both need to do more with less, to give people visibility of risk and to become cyber advisors. It’s about risk management rather than response.”

Seven events were held across A/NZ with two in New Zealand – Auckland and Wellington – and five across Australia, in Sydney, Melbourne, Brisbane, Perth and Canberra. They attracted a total of 420 attendees.

More broadly, that was part of a tour that encompassed over 130 cities globally, including briefings from AWS, which garnered an 11 per cent increase in attendees.

“It’s hard to get people in the doors at events these days, so we were really impressed to see an increase in year-on-year attendance,” Philp said.

The aim was to deliver two hours of really valuable time.

Nova Scotia-based Mike Milner, Trend Micro’s vice-president of cloud technology, also joined the tour as keynote speaker to summarise key trends and threats with localised content including legislative changes in Australia.

“Certainly what’s happening in Australia with regards to the cyber security of businesses is impacting the government’s drive to be a cyber leader by 2030 across the globe, and why we are seeing similar potential legislation in New Zealand come into effect.”

That was putting pressure on businesses that could be replicated in New Zealand, Philp said, higher expectations with not a lot more money to deal with it.

The aim of the event was to keep it relevant and talk about what was important to customers and resellers.

Key threats, including deep fakes and scams, were going to get “a whole lot worse”.

Threats demonstrated at the briefings included a token replay attack, which involves intercepting a successful authentication process often by using a valid session token.

Two things were clear. Firstly, most successful attacks exploited some sort of hygiene issue, such as cloud misconfiguration or missing agents. Secondly, the average day of an operational cyber security staffer was increasingly difficult, requiring them to understand and decide what they were going to spend their time on.

Potential responses demonstrated included attack surface management and blended prioritisation to reduce overall risk.

While everyone’s journey to cloud was different, Philp said, the key message was it doesn’t matter what the system was, it needed to be understood for risk, prioritised and have the right protection deployed and automated.

On stage, representatives of AWS contributed to a “fireside chat”, reinforcing the key challenges customers were experiencing. Misconfiguration was a prominent and common threat and adding data to power-up attack surface risk management a solution.

“Understanding that if we have this attack surface risk management system, and cloud is one of those aspects, being able to bring data into that and understand where that sits is important.”

While security operations, or secops, in large companies was different from in smaller ones, Philp said the challenges being faced were similar: how to respond, how to maximise resources and how to use extend detection and response effectively.

As well as include attack surface risk management systems, network identity, endpoint and cloud into one place to get context straight away and move towards structured and predictable responses.

As for artificial intelligence, there was lot of hype that was not necessarily being delivered on, Philp said. The benefits had to be explained in more tangible ways.

In a time when Gartner was saying 75 per cent of organisations were seeking security platform consolidation, Trend Micro’s promise was one where a generative AI security assistant, dubbed Companion, was already pervasive across its platform.

“The customer can take advantage of that across the whole platform straight away,” Philp said. “It’s hard to get trained staff in security, so being able to upskill is a great benefit.”

As many vendors develop their own AI applications, there is also a threat that multiple apps could form siloes and complexity, and conflict an organisation’s cybersecurity posture.

While platform consolidation was the answer to many challenges it was also not possible to be everything to everyone, he added. Secops needed to be able to “play nice”.

At the same time AI is becoming a key part of modern cyber risk management and response, the security of AI more generally was becoming an area customers struggled with.

“Whichever way it’s implemented, unstructured and unclassified models mean data is at risk,” Philp warned.

“AI is going to be the next big shadow IT issue.”

A fireside chat with Mercury Health cyber security manager Eghbal Ghazizadeh closed the A/NZ events, covering what was important to a cyber leader, including reporting lines and operational challenges.

One of these in particular was an area Trend Micro was tackling: how to quantify cyber risk.

The company’s Vision One application offered help by allowing executive leaders to track their organisational risk scores and compare them with industry averages.

“You need to have context for those numbers,” Philp said. “It saves a barrage of phone calls and meetings.”