Trend Micro Warns Devices and Accounts are Highest-Risk Assets
Cyber Risk Report highlights critical vulnerability, offers new ways to prioritize risk management
[Hong Kong, October 2, 2024] Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today urged network defenders to gain greater visibility into risk across their attack surface, after unveiling a new study* which provides granular metrics by region, company size, industry, asset type and more.
To read a full copy of the report, Intercepting Impact: 2024 Trend Micro Cyber Risk Report, please visit: https://www.trendmicro.com/vinfo/hk/security/news/cybercrime-and-digital-threats/intercepting-impact-2024-trend-micro-cyber-risk-report
Jon Clay, VP of threat intelligence at Trend Micro: “Trend’s cyber risk report shares key insights on where risks are greatest within organizations such as weak security controls, misconfigurations, and unpatched actively exploited vulnerabilities. Shifting towards a more risk-based approach to cybersecurity—discovering the entire attack surface, using AI to calculate the actual risk, and providing mitigating controls advice—allows an organization to improve its cybersecurity posture like never before. This is a game changer for the industry.”
Using a risk event catalog, the Trend Vision One™ platform calculates a risk score for each asset type and an index for organizations by multiplying an asset’s attack, exposure, and security configuration by impact. An asset with low business impact and few privileges has a smaller attack surface, while higher-value assets with more privileges have a larger attack surface.
The following assets are the most at risk:
The number of high-risk devices is much higher than that of accounts, even though there are more accounts in total. Devices have a larger attack surface—i.e., they can be targeted with more threats. However, accounts are still valuable as they can grant threat actors access to various resources.
Elsewhere, the report also found:
The report also uncovered many weak configurations that could lead to compromise, especially around security control settings.
As the threat landscape continues to evolve, organizations' ability to identify and manage risks is becoming increasingly crucial. The Trend Vision One™ platform, with its integrated Attack Surface Risk Management (ASRM), provides the necessary tools for comprehensive threat visibility and effective risk mitigation.
The following steps are recommended to help mitigate cyber risk:
*The report is based on telemetry data from Trend Micro’s Attack Surface Risk Management (ASRM) solution in its flagship cybersecurity platform, Trend Vision One™, plus the native eXtended Detection and Response (XDR) tools. It’s divided into two sections: the user side covers risk in assets, processes, and vulnerabilities, while the adversary side maps adversary behaviors, MITRE, and TTPs. Data points are based on telemetry from December 25, 2023, to June 30, 2024.
About Trend Micro
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's AI-powered cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, Trend’s platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 70 countries, Trend Micro enables organizations to simplify and secure their connected world. www.trendmicro.com.hk.
Media Contact:
Claudius Lam – Trend Micro
+ 852 2214 3288 (Office)
+ 852 9022 0876 (Mobile)
Email: claudius_lam@trendmicro.com