• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Security   »   Is it time to rethink your security model?

Is it time to rethink your security model?

  • Posted on:October 23, 2013
  • Posted in:Security
  • Posted by:
    Jon Clay (Global Threat Communications)
0

Many organizations are still supporting a security model that was developed years ago and is not reflecting the changes needed to address today’s challenges, including the changes in the threat landscape, the changes in the economics, and the need to do more with less.

The threat landscape has shifted from one where outbreaks, spam and malware were the norm to one where cybercriminals now target specific users, groups or organizations using spear-phishing emails with custom malware or custom malicious links designed to compromise the victim(s).  Organizations that have not shifted their security model to reflect these changes are likely to have a higher risk of becoming a victim.

With the world markets still dealing with the global recession, budgets are continuing to be constrained, and IT must constantly do more with less.  Security IT budgets are set up to spend based on the older model, and as such, are likely not allowing an organization to take advantage of economies of scale and the commoditization of certain solutions.

A new approach is needed to address the shifts that have occurred just in the past few years, and reviewing your current security model and asking yourself a few questions could help you lower your risks and costs.

  • Are you paying a premium for a solution that addressed a threat that was critical 2-3 years ago, like spam, where now you may want to focus more on anti-phishing?
  • Are you paying a premium for a security solution that is increasingly being commoditized?
  • Are you supporting multiple anti-malware vendor solutions because in the past you thought if one didn’t detect a piece of malware, the other would?

 

We see these situations occurring regularly today and recommend a different model to support both the shift in the threat landscape and the changes in the economics.

Trend Micro commissioned Forrester Research to interview four global companies to identify whether going with a single-vendor model can improve their security investment – both from an improved protection and remediation aspect and from a return on investment perspective.  What they found is that organizations that deployed a single-vendor model were able to achieve the following:

  • 60% reduction in security issues requiring remediation
  • 50% reduction in remediation time
  • 120 end-user-hours per week saved from security-related downtime or slowdowns

 

More importantly, Forrester calculated an average of 146% return on the initial investment by these companies with an average payback period of just 5.3 months. The threat landscape of today demands the fastest time to protect for the new custom threats that are attacking these companies.  As such, consolidating the number of vendors companies have to deal with during an attack allows them to quickly deal with the issue.  Consolidating the security solutions used within the organizations to a single vendor solution with a single management console allows the business to gain visibility into what is occurring and to spend less time learning and dealing with multiple vendor solutions.  The results speak for themselves, and these businesses are now able to do more with less, whether it is the time to manage the entire solution or the time it takes to identify and mitigate a new threat.

Trend Micro has consistently shown itself to be one of the fastest security providers to deal with new threats.  NSS Labs is one of the only testing organizations that has included a time-to-protect factor into their tests.  For three separate tests, Trend Micro has had the fastest turnaround time.

Average Time to Protect

Click on image to enlarge.

Source: NSS Labs 2009 Consumer Report (Time-to-Protect results)

ATtB Malicious Sites

Click on image to enlarge.

 

Source: NSS Labs 2010 Consumer Report

Average Time to Block

Click on image to enlarge.

 

Source: 2013 Consumer Phishing Test

Lowering investment costs also frees up the company’s IT budget to invest in newer technologies needed to address the new threats of today.  Less time managing the entire solution also frees up your important IT employees to deal with more pressing matters and to investigate many of the suspicious incidents that could be part of a targeted attack.

Join us for a live joint webinar on Wednesday, November 13 at 11 a.m. PST/2 p.m. EST with Forrester researchers who will share their perspective on today’s security landscape and discuss the research they did for Trend Micro, as well as how you can address the changes identified above.

See more information, and register for the webinar here.

Related posts:

  1. Data-centric security key for BYOD mobility model
  2. A New Conceptual Model for Data Center Security
  3. The Security as a Service Model
  4. Data-centric model key to cloud security

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.