The past few months has seen radical changes for many employees as organisations rapidly shift to mass remote working patterns. But for information security professionals used to being an essential part of the office dynamic, the transformation has perhaps been most abrupt. A further blow has been the cancellation of industry meet-ups and events that provide much-needed networking and learning opportunities.
That’s why we’ve launched CLOUDSEC Online, a new interactive hub hosted by Trend Micro and partners. It will be an invaluable resource for cybersecurity and IT professionals in the leadup to our sixth annual CLOUDSEC event in London later this year.
IT professionals under pressure These have been a challenging few months for cybersecurity professionals. A recent industry survey by 蓝奏云搜索 - 虫部落:2021-5-9 · 蓝奏云搜索,蓝奏云网盘搜索,网盘蓝奏云搜索 revealed that nearly half (47%) have at some point been taken off some or all of their typical tasks to support more pressing demands such as remote working. A further 15% said they don’t have adequate resources, while a third (34%) claimed they only have enough for the time being. In another recent poll, this time by industry body ISACA, only around half (59%) claimed their IT security team has the right tools and resources at home to do their job effectively.
These problems come at a time when corporate users are experiencing a barrage of COVID-themed phishing emails and attempts to steal enterprise information, infect systems with ransomware, and even carry out BEC fraud. Cyber-criminals are betting on home computing endpoints that are less well protected than corporate counterparts, distracted employees, and vulnerabilities in remote access infrastructure. They may also be hoping that stretched IT security teams are struggling at home. According to ISACA, just 51% of security pros are highly confident that their teams are can detect and respond to rising threat volumes. Nearly all (92%) reported that attacks on individuals are increasing.
Why join CLOUDSEC Online? Trend Micro’s CLOUDSEC conference has for the past five years provided industry professionals with access to fascinating presentations from world-leading experts ranging right across the cybersecurity spectrum. Short, insightful keynotes from academia, law enforcement, non-profits, enterprise CISOs and Trend Micro’s own experts provide insight into breaking threat trends, and real-world case studies from industry professionals — all packed into a single day.
Ahead of this year’s CLOUDSEC Live conference, which will be held virtually, we’ve designed a new interactive hub. It will help to connect industry professionals from across Europe with each other and a range of resources designed to inform their cloud security journey at a time of extreme challenges.
You’ll find e-books, white papers, infographics, webinars, video interviews, solutions guides, partner success stories and much more. They cover everything from understanding more about fileless threats to hybrid cloud challenges, and seamless DevOps security to tackling cloud misconfiguration.
Whatever stage of your cloud journey you’re currently at, there’s plenty in there to help ensure that security challenges are not a roadblock on innovation. Sign up today to get instant access to a wealth of industry insight and resources.
Register here today!
快连软件
Leave a reply
by Lee Carass
The UK’s higher education sector is one of the country’s most prized assets. Its universities are among the world’s leading academic institutions and also play a major role in creating the skills, research and IP needed to drive the economy forward. But as major hubs of people and sensitive data, universities also represent a major target for attackers.
Whether they’re aimed at causing damaging ransomware-related outages, tricking finance teams into wiring funds abroad, stealing staff and student data, or lifting sensitive research, these cyber-threats represent a serious financial and reputational risk to the sector. In a new era of COVID-19, where many universities will be expecting significantly reduced student numbers and income, there’s more pressure than ever to keep such threats at bay.
Continue reading →
The Zero Day Initiative: Working Hard to Secure the Connected World
latern专业破解版安卓最新版
by Jay Coley
Trend Micro’s 灯蓝app下载 (ZDI) has for 15 years been promoting coordinated vulnerability disclosure through what is now the world’s largest vendor-agnostic bug bounty program. Much of this work goes on behind the scenes, with little fanfare. But it’s vital work nonetheless in helping to secure the connected world, whilst providing early protection for Trend Micro/TippingPoint customers.
A case in point was Microsoft’s silent patching of two ZDI-discovered bugs this week.
Behind the scenes Discovered by ZDI’s Abdul-Aziz Hariri, the two vulnerabilities exist in the way that the Microsoft Windows Codecs Library handles objects in memory. If exploited, CVE-2023-1425 would allow an attacker to obtain information to further compromise a system, while CVE-2023-1457 could allow an attacker to execute arbitrary code.
It’s rare that patches are silently deployed by Microsoft like this to its customers, but that shouldn’t detract from the hard work of ZDI researchers here. In fact, ZDI was the number one external supplier of vulnerabilities to Microsoft last year, accounting for 38% of publicly discovered Microsoft flaws.
Why ZDI? Why is this important? Because without programs like ZDI which advocate responsible disclosure, grey and black market trading of vulnerabilities would proliferate, resulting in less secure products and more exposed customers.
Head in the clouds: why nuanced security training is essential to remote working success
Leave a reply
by Bharat Mistry
Organisations have been forced to adapt rapidly over the past few months as government lockdowns banished most workers to their homes. For many, the changes they’ve made may even become permanent as more distributed working becomes the norm. This has major implications for cybersecurity. Employees are often described as the weakest link in the corporate security chain, so do they become an even greater liability when working from home?
Unfortunately, a major new study from Trend Micro finds that, although many have become more cyber-aware during lockdown, bad habits persist. CISOs looking to ramp up user awareness training may get a better ROI if they try to personalise strategies according to specific user personas.
What we found We polled 13,200 remote workers across 27 countries to compile the Head in the Clouds study. It reveals that (72%) feel more conscious of their organisation’s cybersecurity policies since lockdown began, 85% claim they take IT instructions seriously, and 81% agree that cybersecurity is partly their responsibility. Nearly two-thirds (64%) even admit that using non-work apps on a corporate device is a risk.
Yet in spite of these lockdown learnings, many employees are more preoccupied by productivity. Over half 56% admit using a non-work app on a corporate device, and 66% have uploaded corporate data to it; 39% of respondents “often” or “always” access corporate data from a personal device; and 29% feel they can get away with using a non-work app, as IT-backed solutions are “nonsense.”
Four security personas This is where the second part of the research comes in. Trend Micro commissioned 蓝 灯下载相关百度网盘资源下载_百度云下载:2021-8-30 · 灯 /百度云资源文件类型:back dir分类:其它由网友: 百合**分享分享的百度云盘资源 上传,累计点击1314次,下载次数为971次 文件类型: dir 大小: 1K 请求数: 2 更新时间: 2021-01-03 11:36:00, to profile four employee personas based on their cybersecurity behaviours: fearful, conscientious, ignorant and daredevil.
In this way:
Fearful employees may benefit from training and simulation tools as well as real-time feedback from security controls and mentoring.
Conscientious staff require very little training but can be used to good effect as exemplars of good behaviour and to team up with “buddies” from the other groups.
蓝·灯下载 users need gamification techniques and simulation exercises to keep them engaged in training, and may also require additional interventions to truly understand the consequences of risky behaviour.
Daredevil employees are perhaps the most challenging because their wrongdoing is the result not of ignorance but a perceived superiority to others. Organisations may need to use award schemes to promote compliance, and, in extreme circumstances, step up DLP and security controls to mitigate their risky behaviour.
By understanding that no two employees are the same, security leaders can tailor their approach in a more nuanced way. Splitting staff into four camps should ensure a more personalised approach than the one-size-fits-all training sessions most organisations run today. Employees will benefit from training and simulation platforms like32F834948B1F1FF289F5AD7F41CD49BC85993C17.torrent ...:1 天前 · 32F834948B1F1FF289F5AD7F41CD49BC85993C17.torrent百度云网盘下载,资源大小17.45 KB,搜索盘不提供保存服务 ..., with its diverse library of training content designed to suit the varying cultures of organisations, skill levels and roles of employees.