How many of you can remember what it was like managing IT security 10 years ago? How about two decades? The truth is that the landscape was so utterly different back then that any comparisons with today are a little unfair. Yet they’re useful in one key regard: to teach us just how complex and chaotic the IT world around us is today. Making sense of this chaos and mastering the threats that have grown out of increasing complexity is what Trend Micro has been doing for not one or two but three decades now.
We’ve come a long way
Why has IT complexity increased so much over the past 30 years? A great deal of it can be put down to three interlinked trends: connectivity, mobility and evolving infrastructure. Back in 1988, when Trend Micro was founded, there was no Internet of Things (IoT), in fact, there was barely an internet at all to speak of. The first web browsers had yet to be invented, and your choice of computing infrastructure largely consisted of mainframes or new client-server architectures. To IT teams, clouds were still those fluffy white things in the sky, while barely pocket-sized mobile phones did one job and one job only: voice calls.
Fast forward to today and we live in a world where billions of intelligent, internet-connected devices communicate with each other, often with no human interaction whatsoever. It’s predicted there’ll be 75 billion of them in the world by 2025, making us healthier and happier, our cities smarter, and our businesses more agile, innovative and productive. Meanwhile, IT infrastructure has advanced a long way from the days of the client-server model to incorporate virtualization, hybrid cloud and now containers and serverless architectures. By 2020, it’s predicted that 80% of workloads will be virtualized, 92% of organizations will be using the cloud, 78% will be using containers and 20% serverless. Combined with high-speed, reliable connectivity, the effect has been to unleash innovation-fueled growth, agile, customer-centric development and — you guessed it — IT complexity.
As if that weren’t enough, a Fourth Industrial Revolution combining all of the above plus robotics, AI, automation, big data and more promises to drive even greater process efficiencies, reveal new insights and herald astonishing breakthroughs in a variety of fields.
Threats are everywhere
The cumulative effect of all this innovation has been to expand the corporate attack surface to a size never before seen. A typical organization may run thousands if not tens of thousands of IoT and mobile endpoints, cloud accounts, containers and VMs, for example. Many IT departments are so overwhelmed that they’re unable to keep all of this infrastructure patched and secure.
To make matters worse, over the past three decades the bad guys have also been innovating, and in many cases, at a much faster rate. They’re supported today by a vast underground economy estimated to be worth $1.5 trillion, which provides all the tools and knowledge they need to launch attacks, as well as a readymade market on which to sell their spoils. In most cases this means data, the lifeblood of the digital economy. In fact, so much of it is being created every second that organizations are finding it increasingly difficult to know how much they have, what’s worth protecting and how best to do so.
Cyber criminals, on the other hand, are just getting started. Trend Micro blocked 48 billion threats in 2018 alone. They’ve continued to evolve their techniques to produce over the years threats as diverse as: banking trojans, ransomware, Business Email Compromise (BEC) attacks and crypto-mining malware. And the innovation continues: we blocked five billion threats in 2018 that had never been seen before. Fileless malware tactics, use of digitally signed malware, unusual file types, and hijacking of email accounts through social engineering are all proving highly successful. In the future we predict they’ll use AI to profile and target firms even more effectively.
Finding an elegant, even beautiful, solution to all this chaos and IT complexity may seem like an impossible task. But at Trend Micro we’ve made cybersecurity an art form, using our proven foresight, a cross-generational security strategy (XGen™), and our passionate people to give our customers the freedom to go further and do more. In part two I’ll explain how.
To find out more about how cybersecurity can be beautiful, check out: www.TheArtofCybersecurity.com