by Alex Ekuza
Cyber-attacks targeting global enterprises and big-name brands tend to attract most media attention. But the truth is that SMBs are hit more frequently by threat actors. A recent government report reveals that two-thirds (65%) of mid-sized organisations in the UK suffered a security breach last year. That makes threat detection and response an increasingly important part of any proactive security stance. But many organisations, especially smaller ones, find this part of security operations (SecOps) overwhelming if they don’t have the right tools to prioritise alerts.
That’s why Walsall Housing Group chose Trend Micro Vision One to mitigate the growing risk of cyber-threats.
Escaping detection
The threat landscape last year was dominated by ransomware and attacks targeting newly emerging gaps in protection brought about by the shift to mass remote working. Think: hijacked RDP endpoints, exploited VPNs and phishing attacks aimed at home workers. Over 90% of the 62.6 billion cyber threats we blocked for customers last year were email-borne. That means social engineering is still working, especially if those working from home are more distracted than usual.
Another tactic making threats harder to spot is the use of legitimate tools for lateral movement and data exfiltration. The likes of Cobalt Strike and PSExec are increasingly utilised by ransomware groups to escape detection.
The impact on corporate victims can be severe: ransomware alone can lead to significant financial and reputational damage. Increasingly today, systems aren’t just taken offline for days or even weeks, but data is also stolen and leaked in the process.
The issue with alert overload
A major challenge for organisations everywhere is that SecOps teams feel overwhelmed by the number of alerts being generated by security products and find it challenging to prioritise and respond to these alerts. Put simply, there’s so much noise being generated that genuine threats often get missed.
Walsall Housing Group’s Cyber Security Manager, Adam Phipps, was well aware of such challenges and this is why he chose Trend Micro Vision One. Our unified, end-to-end platform detects and correlates threats across endpoints, networks, hybrid cloud servers and email systems—driving enhanced visibility into risk and faster response times. It’s also been designed to integrate with multiple third-party solutions like SIEM and SOAR products, for added value.
Why Trend Micro Vision One was the right choice
With Trend Micro Vision One in place, Phipps has been able not only to manage cyber-risk to acceptable levels, but demonstrate the value of his investments to key stakeholders from the organisation.
“Trend Micro Vision One gives us powerful security analytics that allow for extra visibility and control, which means that we are able to drastically reduce our time-to-respond to critical cyber risks”, he says. “We feel we are no longer overwhelmed by the sheer volume of security alerts and can focus our time more effectively, safe in the knowledge that if anything critical comes in, we will be able to prioritise it.”
Find out more about Trend Micro Vision One here.