This white paper reviews the content security threat landscape and how it has evolved into a more dangerous environment, increasing the risks and costs for enterprises.
Trend Micro
Enterprise Security
Immediate Protection. Less Complexity.
Lower Security Risks and Costs by Minimizing the Time to Protection
A Trend Micro White Paper | October 2008
TREND MICRO ENTERPRISE SECURITY
I. INTRODUCTION
The enterprise threat landscape has dramatically changed with the proliferation of a new generation of content security threats. Today's cyber attacks harvest sensitive corporate data and expose companies to the risk of losing revenue, employee productivity, customer relationships, and market reputation. As the headlines prove, targeted threats are hitting companies faster and in larger quantities than they ever have before.
This white paper reviews the content security threat landscape and how it has evolved into a more dangerous environment, increasing the risks and costs for enterprises. This paper discusses how conventional content security approaches are inadequate at defending against today's threats and how a new paradigm is needed to provide sufficient protection. Enterprises need a solution that identifies risks immediately and creates better protection. At the same time, they need a solution that reduces the complexity in acquiring, deploying, and managing security.
Trend Micro Enterprise Security is a tightly integrated offering of content security products, services, and solutions for enterprises concerned about staying ahead of content security threats. At the core of these products and services is the Trend Micro Smart Protection Network, a newly introduced cloud-client architecture designed to provide fast protection with minimal network resources. Trend Micro Enterprise Security powered by our Smart Protection Network provides immediate protection with less complexity, offering lower business risks and costs to enterprises.
II. ENTERPRISE CONTENT SECURITY THREATS
Cybercriminals are taking advantage of business' dependence on email and the web to attack enterprises and steal information and resources. Simple actions like opening an email attachment or clicking on a web link can result in lost confidential data, damaged infrastructure, or a ruined reputation.
The content security threat landscape has changed dramatically over the last few years. Spam is no longer just an annoyance and hackers are not simply creating malware for notoriety, Instead the focus has shifted to profiting from threats that steal data and resources. Profit-driven cybercriminals lurk behind most web threats, creating a new generation of spam and malware based on a powerful underground economy. To maximize profits, cybercriminals have become more sophisticated, delivering faster more insidious attacks. And finally, as content security threats have become more effective, they have dramatically increased in volume.
. Content Security Threats Are Profit Driven. According to a survey conducted by the Department of Justice, over 60 percent of businesses have been hit by cybercrime.[9] Enterprises are direct targets for cybercriminals, seeking to compromise data and resources on a larger scale. This has resulted in the rise of targeted attacks including data-stealing malware, botnet infections, ransom attacks, and other threats
1 White Paper | Trend Micro Enterprise Security TREND MICRO ENTERPRISE SECURITY
designed to profit from the stolen data or resources of enterprises. Data breaches can subject an organization to legal fees and fines, not to mention negatively impacting consumer confidence. From January 2005 to September 2008, The Privacy Rights Clearinghouse reported over 245 million records of personal information had been breached. [8]
. Increased Sophistication Confounds Conventional Security. Cybercriminals no longer need to discover system and application vulnerabilities on their own. Instead, they can now use vulnerability information provided from security researchers to quickly craft exploit code to take advantage of these vulnerabilities. The time between the discovery of a vulnerability and the release of exploit code used to be measured in days or even weeks. Now 94 percent of exploit code that takes advantage of web browser vulnerabilities appears within a day.[3] Cybercriminals are also increasing the sophistication of ... [download for more]
