Trend Micro Inc. today launched a cloud-based platform through which it will unify risk and threat assessments using data collected from both its own and third-party security offerings.
Wendy Moore, vice president of product marketing for Trend Micro, said Trend Micro One provides a data lake that aggregates security intelligence across attack surfaces, which continues to expand. The goal, she said, is to make it easier for organizations to accurately assess the size of their attack surface by automatically discovering endpoints as they collect data continuously from a wide range of sources. That level of collaboration makes it easier to track the status of vulnerabilities, the configuration of security controls and types of threat activity. From there, organizations can apply the appropriate preventive controls in a layered approach to cybersecurity involving multiple vendors.
Inaugural Trend Micro One Security partners include Bit Discovery, Google Cloud, Microsoft, Okta, Palo Alto Networks, ServiceNow, Slack, Qualys, Rapid7, Splunk and Tenable.
In general, management of cybersecurity platforms has been shifting steadily to cloud computing platforms that make it easier to centrally manage security across what have become highly distributed computing environments. Those cloud platforms also make it cost-effective to construct a data lake to aggregate risk intelligence. Longer-term, Trend Micro One will provide a foundation for applying machine learning algorithms and other forms of artificial intelligence (AI) to the data it collects, Moore said.
Arguably, the single biggest challenge IT organizations face today is the continued expansion of their attack surface, which now includes myriad things including public clouds to endpoints running internet of things (IoT) applications. All it takes is the compromise of a single platform for a cybercriminal to gain access and distribute malware across the entire enterprise IT environment, where it may sit idle for months before being activated.
Keeping track of all the potential threats and risk is beyond the capability of most internal cybersecurity teams. Aggregating all that data in a cloud service managed by a third party distributes the cost of building a data lake across multiple organizations subscribing to the same service, making it easier for teams to meet their objectives. Most cybersecurity teams do not have the resources and expertise required to build a data lake on their own.
It’s not clear yet how advances in data science may help level the cybersecurity playing field, which today is lopsided in favor of cybercriminals. However, in the absence of better cybersecurity intelligence, the playing field is only going to tilt more in favor of cartels that continue to gain additional financial resources. Many of those cartels are starting to aggregate data in ways that enable them to also apply data science. In effect, organizations of all sizes are now locked in a cybersecurity arms race with those cartels. The only way to cost-effectively participate in that arms race is to take advantage of shared resources whenever and wherever possible.