Trend Cloud Security Blog – Cloud Computing Experts
Currently Browsing: Threats
Offense Must Inform Defense: The Importance of Continuous Monitoring
Posted by Tom Kellermann in Security, Threats Jul 20th, 2012 | 3 Comments In light of the introduction yesterday of the seminal Cyber Security Act and the Presidents OP-Ed in the WSJ: Taking the Cyberthreat Seriously. It is time we learn a lesson from those learned by the Federal Government in Cybersecurity. For the last 6 years the United States government has been struggling to determine how nation state and non-state hackers have bypassed perimeter defenses. After the Comprehensive National Cyber Initiative (CNCI) it was determined that most government agencies over rely on their perimeter defenses. The gauntlet was thrown down to determine how the offensive tactics... HIPAA hiccups
Posted by Jonathan Gershater in Cloud, Deep Security, Malware, Privacy, Compliance and Identity, public cloud, Securing the Cloud, Security, Threats Apr 2nd, 2012 | Comments Off Not a month goes by when there isn’t an announcement of a breach of electronic health records thereby disclosing personal and financial data; and that excludes breaches that are not publicly acknowledged. In a recent report from the American National Standards Institute (ANSI), 18 million Americans have had their personal health information stolen over the past two years. So one has to ask: considering the financial and legal implications of a breach of health records, why don’t organizations deploy security solutions to protect electronic health records? Answers often offered by CIOs... Do You Encrypt Your Data? A Plea to Businesses from an Identity Theft Victim
Posted by Christine Drake in Cloud, Cyber crime, Privacy, Compliance and Identity, Securing the Cloud, Security, Threats Feb 2nd, 2012 | 1 Comment Recently I became a victim of identity theft. Criminals gained access to my name, address, date of birth, driver’s license number, social security number, and bank account number. I’ve spent the last 10 years marketing Internet security solutions, but now I know firsthand how painful it can be to individuals when a data breach occurs. How did they get my personal information? Working in the security industry, I’m pretty careful. I’m good at recognizing phishing scams; emails that use various ploys to get you to reveal your personal information (see this paper I co-authored on the... Savings with Cloud Security — A Look at the Numbers
Posted by Christine Drake in Cloud, Cloud-based Security, SaaS, Security, Smart Protection Network, Threats Jan 19th, 2012 | 7 Comments When people talk about cloud security it can mean either 1) security for the cloud—security that protects your cloud initiatives, like protection for virtual machines or data stored in the cloud; or 2) security from the cloud such as Security as a Service that uses the cloud to deliver some aspect of protection, like hosted email or web security. Here, I’d like to focus on security from the cloud that’s delivered in a hybrid model—a cloud-client architecture. Using the cloud for security can deliver faster threat protection and better security. Traditional security has relied on signature... Beyond Perimeter Defense to Data-Centric Security
Posted by Christine Drake in Cloud, Cloud-based Security, Consumerization of IT, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud, VMware Oct 7th, 2011 | 1 Comment Traditionally businesses have focused their IT security on perimeter defense—blocking threats before they enter the network. This protection is still important. But with today’s cloud computing, mobile devices, and advanced persistent threats (APTs), businesses need security that protects their data wherever it travels and in whatever type of device it resides, requiring new data-centric security. Earlier this week, Trend Micro held its annual insight event for the analyst community and announced our new vision on data-centric security (see video clips of the event here and here). Back... What Are the True Dangers of the Cloud?
Posted by Christine Drake in Cloud, Cyber crime, DataCenter, hybrid-cloud, IaaS, PaaS, private cloud, public cloud, SaaS, Secure Data Centers, Securing the Cloud, Security, Threats, Threats from the Cloud, Virtualization Sep 8th, 2011 | 7 Comments We often hear that security and privacy concerns are the main inhibitors to cloud adoption. But what are the true threats? Is the cloud really more dangerous than your on-site data center? I would say that virtualization and cloud computing aren’t inherently more dangerous, but they have unique infrastructure that must be addressed when creating a security foundation. There are similar attacks across physical, virtual, and cloud infrastructures—data-stealing malware, web threats, spam, phishing, bots, etc. So many companies are tempted to deploy their security for dedicated physical... “Hey, You, Get Off of iCloud!”
Posted by Patrick Wheeler in Cloud, Cloud-based Security, Consumerization of IT, hybrid-cloud, Privacy, Compliance and Identity, private cloud, public cloud, SaaS, Securing the Cloud, Security, Threats, Virtualization Jun 20th, 2011 | 2 Comments For all its hype iCloud does not represent a fundamentally new problem. Employees are already bringing personal devices to work and wanting to use them in their jobs, and these unmanaged devices are mixing personal and corporate data on a system that is outside the control of the security and IT teams. There are already many apps and cloud-based services for sharing data between users and between devices (such as Dropbox), and these services are giving security pros fits. What is new is that iCloud will make these things happen automatically, and potentially without the intent or even awareness... Chrome OS: So secure we don’t need security?
Posted by Rik Ferguson in Cloud, Cloud-based Security, Cyber crime, Malware, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud May 31st, 2011 | 2 Comments With the launch announcements of various Google Chrome netbooks, the focus of the press and security companies alike is beginning to take a closer look at the security promises made and also at some of the more ’media friendly‘ statements such as, “…users don’t have to deal with viruses, malware and security updates”. Let’s have a look at some of the security features of Chrome OS: 1 – Get out of my playpen. Each process runs in its own sandbox. Effectively this means that if an application is malicious or compromised, it is unable to interact with or otherwise affect... A Tale: The Snack Supplier, the Vending Machine, and the Cloud
Posted by Greg Boyle in Cloud, Cloud-based Security, Cyber crime, Malware, public cloud, SaaS, Securing the Cloud, Security, Threats, Virtualization May 23rd, 2011 | 2 Comments I recently had an interesting chat with the operator of our snack vending machine while making a coffee in the kitchen. She was restocking our machine and had her iPad sitting on the table. In their 2 person company they now have 2 iPads and a PC. They do their inventory control and tracking while onsite at customer premises via the iPad. Then they sync it with their PC and, using an online storage solution they transfer it to the cloud; this then syncs with their online accounting package. Her reason was very, very simple: she wants to reduce the amount of time they spend on bookkeeping and back-office... The Small Business Journey to the Cloud is Actually a Round Trip
Posted by Greg Boyle in Cloud, Cloud-based Security, DataCenter, hybrid-cloud, IaaS, PaaS, Privacy, Compliance and Identity, private cloud, public cloud, SaaS, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud, Virtualization Apr 20th, 2011 | 2 Comments The Small Business Journey to the Cloud is Actually a Round Trip By Greg Boyle, Trend Micro Global Product Marketing Manager Many small businesses are still uncertain about cloud computing. They wonder if it can help with their profitability without being extremely risky. Let’s start by defining cloud computing in small business terms. There are two commonly agreed upon types of cloud computing: 1) software-as-a-service and 2) infrastructure-as-a-service. Software-as-a-service (SaaS) is cloud computing where the software you would normally install on your computers in the office is instead... 
Subscribe
