Analytics
11/27/2012
06:32 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Trend Micro New Free Online Assessment Tools For Cloud, Cyber & Mobile Security

Results are provided in five areas of security: protection, responsiveness, organization, expertise and visibility

CUPERTINO, Calif., Nov. 27, 2012 /PRNewswire/ -- Trend Micro today announced its Trend Micro Online Security Assessment Tools for Cloud, Cyber & Mobile Security, which will provide customers with an assessment of their current business' security posture with respect to cloud adoption, consumerization and targeted attacks. Use of these cost-free security assessment tools are designed to help plan and deploy security measures needed to manage mobile devices, secure your journey to cloud computing and defend against targeted cyber-attacks.

Trend Micro Japan was the first to introduce TrendMicro.com/SecurityAssessment tools and with this release, Trend Micro is now offering this proven tool in English on its website. By doing so, Trend Micro is providing organizations with needed feedback on their current security policies and implementations and comparisons against peers of similar size and industry focus.

By answering 25 yes/no questions, this tool will provide an assessment of a company's current security posture, provide a comparison against industry averages and offer suggestions on how to improve current security practices.

Results are provided in five areas of security: protection, responsiveness, organization, expertise and visibility.

Trend Micro recently conducted the same assessments with organizations of 500 or more employees* in nine countries. The nine countries represented included USA, Germany, UK, France, Brazil, Japan, India, Canada and Australia. Here are some interesting results from the recent assessments conducted by Trend Micro:

Advanced Persistent Threats:

-- For overall readiness against targeted attacks, organizations in Japan appear to be the least ready, while those in the US and Canada appear to be the most ready, scoring 3.3 and 4.6 out of 5, respectively.

-- On average across these nine countries, approximately 84.7 percent of organizations reported a documented process for handling an attack, with approximately 93% of US and approximately 64.1 percent of Japanese organizations reporting having such a process.

-- Also on average across these nine countries, approximately 86.5 percent of organizations share their security policies regularly with employees, with approximately 95.6 percent of Canadian and 73.8 percent of Japanese organizations sharing such policies with employees regularly.

-- A smaller percentage of organizations, on average about 75.6 percent, educate their employees about targeted attacks, which tend to focus on individual employees, with UK leading the way with approximately 87.3 % of British organizations and Japan at the back with about 51.8 % of Japanese organizations being proactive about education.

"We have seen a real need for a tool that assists companies with their move to the cloud and increase need to access company resources via mobile or BYOD adoption with many devices including personal computers, mobile and tablet devices. Certainly there exists a heightened awareness around security with cloud adoption as well as APT/Targeted attacks," said Jon Clay, senior manager, core technology marketing.

Ready for the Cloud:

-- Overall, according to these assessments, US organizations are the most cloud-ready and Japanese organizations are the least cloud-ready, scoring 4.5 and 2.3, respectively.

-- US and Canadian organizations are the highest-ranked when it comes to having a cloud security policy shared regularly with employees.

-- Approximately 89% of US organizations encrypt their important data in the cloud, with only about 39.6 percent of Japanese organizations encrypting their cloud data.

To test your readiness, Please visit: http://securityassessment.trendmicro.com/

About Trend Micro

Trend Micro Incorporated (TYO: 4704; TSE: 4704), the global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years' experience, we deliver top-ranked client, server and cloud-based security that fits our customers' and partners' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro(TM) Smart Protection Network(TM) global threat intelligence data mining framework, our products and services stop threats where they emerge - from the Internet. They are supported by 1,000+ threat intelligence experts around the globe.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.