Analytics
11/27/2012
06:32 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Trend Micro New Free Online Assessment Tools For Cloud, Cyber & Mobile Security

Results are provided in five areas of security: protection, responsiveness, organization, expertise and visibility

CUPERTINO, Calif., Nov. 27, 2012 /PRNewswire/ -- Trend Micro today announced its Trend Micro Online Security Assessment Tools for Cloud, Cyber & Mobile Security, which will provide customers with an assessment of their current business' security posture with respect to cloud adoption, consumerization and targeted attacks. Use of these cost-free security assessment tools are designed to help plan and deploy security measures needed to manage mobile devices, secure your journey to cloud computing and defend against targeted cyber-attacks.

Trend Micro Japan was the first to introduce TrendMicro.com/SecurityAssessment tools and with this release, Trend Micro is now offering this proven tool in English on its website. By doing so, Trend Micro is providing organizations with needed feedback on their current security policies and implementations and comparisons against peers of similar size and industry focus.

By answering 25 yes/no questions, this tool will provide an assessment of a company's current security posture, provide a comparison against industry averages and offer suggestions on how to improve current security practices.

Results are provided in five areas of security: protection, responsiveness, organization, expertise and visibility.

Trend Micro recently conducted the same assessments with organizations of 500 or more employees* in nine countries. The nine countries represented included USA, Germany, UK, France, Brazil, Japan, India, Canada and Australia. Here are some interesting results from the recent assessments conducted by Trend Micro:

Advanced Persistent Threats:

-- For overall readiness against targeted attacks, organizations in Japan appear to be the least ready, while those in the US and Canada appear to be the most ready, scoring 3.3 and 4.6 out of 5, respectively.

-- On average across these nine countries, approximately 84.7 percent of organizations reported a documented process for handling an attack, with approximately 93% of US and approximately 64.1 percent of Japanese organizations reporting having such a process.

-- Also on average across these nine countries, approximately 86.5 percent of organizations share their security policies regularly with employees, with approximately 95.6 percent of Canadian and 73.8 percent of Japanese organizations sharing such policies with employees regularly.

-- A smaller percentage of organizations, on average about 75.6 percent, educate their employees about targeted attacks, which tend to focus on individual employees, with UK leading the way with approximately 87.3 % of British organizations and Japan at the back with about 51.8 % of Japanese organizations being proactive about education.

"We have seen a real need for a tool that assists companies with their move to the cloud and increase need to access company resources via mobile or BYOD adoption with many devices including personal computers, mobile and tablet devices. Certainly there exists a heightened awareness around security with cloud adoption as well as APT/Targeted attacks," said Jon Clay, senior manager, core technology marketing.

Ready for the Cloud:

-- Overall, according to these assessments, US organizations are the most cloud-ready and Japanese organizations are the least cloud-ready, scoring 4.5 and 2.3, respectively.

-- US and Canadian organizations are the highest-ranked when it comes to having a cloud security policy shared regularly with employees.

-- Approximately 89% of US organizations encrypt their important data in the cloud, with only about 39.6 percent of Japanese organizations encrypting their cloud data.

To test your readiness, Please visit: http://securityassessment.trendmicro.com/

About Trend Micro

Trend Micro Incorporated (TYO: 4704; TSE: 4704), the global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years' experience, we deliver top-ranked client, server and cloud-based security that fits our customers' and partners' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro(TM) Smart Protection Network(TM) global threat intelligence data mining framework, our products and services stop threats where they emerge - from the Internet. They are supported by 1,000+ threat intelligence experts around the globe.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3407
Published: 2014-11-27
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.

CVE-2014-4829
Published: 2014-11-27
Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allows remote attackers to hijack the authentication of arbitrary users for requests tha...

CVE-2014-4831
Published: 2014-11-27
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to hijack sessions via unspecified vectors.

CVE-2014-4832
Published: 2014-11-27
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.

CVE-2014-4883
Published: 2014-11-27
resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to conduct cache-poisoning attacks via spoofed reply packets.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?