Much of the data that is included in our 2016 security roundup report, A Record Year for Enterprise Threats, comes from the Trend Micro™ Smart Protection Network™ infrastructure. This is where our global threat intelligence resides and where we provide much of our protection capabilities for our customers. Trend Micro has 500,000 commercial customers and millions of consumers world-wide today which allows us to see vast areas of the threat landscape. The intelligence we receive through feedback from these customers along with our on-the-ground threat researchers and data scientists allow us to develop new technologies and detections for the latest threats targeting customers. A key trend in the threat landscape is customized malware for each victim. In fact, based on our backend data, more than 90 percent of malware is only seen on a single device today. This means that a security vendor needs to be very focused on threats affecting their customers and these threats are not likely to be seen by any other organization or person in the world. As such, businesses should relook at their existing security practice if it follows the old paradigm that multiple vendors are needed in case one misses a threat, the other might detect it. This strategy came from when malware was a one to many model, but today it is a one and only one model.
How well Trend Micro protects its customers can be seen from the data collected across all of 2016 below:
- Trend Micro customers performed nearly 3 trillion reputation queries in 2016 to determine if an email, URL, file, or mobile app was malicious or not
- We blocked more than 1 billion ransomware threats targeting our customers. Of these, 91 percent were email based, 8 percent URL based and only 1 percent file based (I’ll give you a secret, the best place to stop ransomware is at your email and web gateways!! The endpoint is the worst place.)
- We blocked more than 81 billion total threats targeting our customers in 2016. This is an average of 2,597 threats blocked per second
Figure 1: Smart Protection Network 2016 Statistics
My final thoughts and comments are on how organizations can better protect themselves in 2017 from the threats we saw in 2016 and other emerging threats. Threat actors will target your employees with spam and phishing emails as part of their efforts to compromise your network. Whether this is ransomware or a targeted attack, this is the preferred method of entry. As such, organizations should take a rigorous review of their email and web security solutions, as well as their employee education program on threat awareness. This will help minimize your risk of infection this year. Also, endpoint security is having a resurgence with the emergence of newer machine learning capabilities and behavior monitoring technologies all intended to detect zero hour malware. Trend Micro is leading the way with our new XGen™ Security, which is being integrated into all of our products and services. This multi-layered, cross-generational security framework can improve your security and minimize your reliance on multiple vendors, providing you with a more efficient way to manage security within your organization.