Analytics
11/27/2012
06:32 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Trend Micro New Free Online Assessment Tools For Cloud, Cyber & Mobile Security

Results are provided in five areas of security: protection, responsiveness, organization, expertise and visibility

CUPERTINO, Calif., Nov. 27, 2012 /PRNewswire/ -- Trend Micro today announced its Trend Micro Online Security Assessment Tools for Cloud, Cyber & Mobile Security, which will provide customers with an assessment of their current business' security posture with respect to cloud adoption, consumerization and targeted attacks. Use of these cost-free security assessment tools are designed to help plan and deploy security measures needed to manage mobile devices, secure your journey to cloud computing and defend against targeted cyber-attacks.

Trend Micro Japan was the first to introduce TrendMicro.com/SecurityAssessment tools and with this release, Trend Micro is now offering this proven tool in English on its website. By doing so, Trend Micro is providing organizations with needed feedback on their current security policies and implementations and comparisons against peers of similar size and industry focus.

By answering 25 yes/no questions, this tool will provide an assessment of a company's current security posture, provide a comparison against industry averages and offer suggestions on how to improve current security practices.

Results are provided in five areas of security: protection, responsiveness, organization, expertise and visibility.

Trend Micro recently conducted the same assessments with organizations of 500 or more employees* in nine countries. The nine countries represented included USA, Germany, UK, France, Brazil, Japan, India, Canada and Australia. Here are some interesting results from the recent assessments conducted by Trend Micro:

Advanced Persistent Threats:

-- For overall readiness against targeted attacks, organizations in Japan appear to be the least ready, while those in the US and Canada appear to be the most ready, scoring 3.3 and 4.6 out of 5, respectively.

-- On average across these nine countries, approximately 84.7 percent of organizations reported a documented process for handling an attack, with approximately 93% of US and approximately 64.1 percent of Japanese organizations reporting having such a process.

-- Also on average across these nine countries, approximately 86.5 percent of organizations share their security policies regularly with employees, with approximately 95.6 percent of Canadian and 73.8 percent of Japanese organizations sharing such policies with employees regularly.

-- A smaller percentage of organizations, on average about 75.6 percent, educate their employees about targeted attacks, which tend to focus on individual employees, with UK leading the way with approximately 87.3 % of British organizations and Japan at the back with about 51.8 % of Japanese organizations being proactive about education.

"We have seen a real need for a tool that assists companies with their move to the cloud and increase need to access company resources via mobile or BYOD adoption with many devices including personal computers, mobile and tablet devices. Certainly there exists a heightened awareness around security with cloud adoption as well as APT/Targeted attacks," said Jon Clay, senior manager, core technology marketing.

Ready for the Cloud:

-- Overall, according to these assessments, US organizations are the most cloud-ready and Japanese organizations are the least cloud-ready, scoring 4.5 and 2.3, respectively.

-- US and Canadian organizations are the highest-ranked when it comes to having a cloud security policy shared regularly with employees.

-- Approximately 89% of US organizations encrypt their important data in the cloud, with only about 39.6 percent of Japanese organizations encrypting their cloud data.

To test your readiness, Please visit: http://securityassessment.trendmicro.com/

About Trend Micro

Trend Micro Incorporated (TYO: 4704; TSE: 4704), the global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years' experience, we deliver top-ranked client, server and cloud-based security that fits our customers' and partners' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro(TM) Smart Protection Network(TM) global threat intelligence data mining framework, our products and services stop threats where they emerge - from the Internet. They are supported by 1,000+ threat intelligence experts around the globe.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

CVE-2014-2716
Published: 2014-12-19
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.

CVE-2014-5212
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.