“Organised crime is now commercially produced. The bad guys are trying to break our methods of protection, and one virus has turned into a criminal enterprise of many components. We can no longer focus on detecting code – there’s too much of it – instead we need to detect and protect against the source”, Perry said.
Summarising the Black Hat conference findings, Perry said that “many vulnerabilities in Oracle, Windows 7, etc., have been disclosed, and there are planned demonstrations of how to hack into cell phone conversations at Def Con”.
Perry declared “no prominent end to vulnerabilities. There are endless new ways to exploit systems and we’re playing a constant race to catch up. People think that [information security] is just one problem, but there are 100 000 problems. Threats are everywhere – not just in email and on the web”.
In order to “avoid being bothersome”, and remove the burden from the endpoint, Trend Micro have moved their “heavy lifting” to the cloud. As products become bigger over time, explains David Liberman, director of product marketing at Trend Micro, they become visible, and thus bothersome to the client. “People are more concerned with what they can see”, he said.
Virtualised security
With the acquisition of Third Brigade a few years ago, which Lieberman describes as “a Swiss army knife that protects servers”, Trend Micro were able to move into the protection of virtual environments. “Security is a big concern for companies using virtual environments, and traditional security is not doing the job. It’s costing companies money, not saving them any. Traditional security will crash servers and performance will drop as a result”. Security, he said, needs to be developed specifically for virtualised environments.
While Lieberman admits that “No [vendor] is perfect in this market”, they boast that their smart network detection rate of 96% is ten times faster to react when something “slips through” than any other vendor. “There are 120 000 malware samples every day”, says Perry, reasoning that “hackers are intentionally trying to break pattern file network. It’s not just anti-virus protection anymore”, he said, insisting that they are trying to communicate this to the customer.
Lieberman acknowledges that the state of cybercrime “is bad. Security is not good”. In defense of the information security industry, however, he insists that “without us [the industry], you wouldn’t dare use the internet. The whole world is moving online, including the criminals, because that is where the money is”. Lieberman believes that we are already in a state of cyber-warfare, and predicts that cyber-terrorism is next.
“You need us [the industry] to do what we do. We need more researchers and we need to protect our futures”, he said.
A converged market
While Lieberman believes that the information security industry is “hitting a more mature phase”, he is confident that new start-ups will continue to enter the industry and bring in innovation, while mergers and acquisitions continue.
“New technologies will continue to creep into address new threats”, he said.
Lieberman acknowledged both the benefits and challenges of unified threat management solutions. “While encryption and other technologies become a feature rather than a standalone feature, customers want one vendor to do everything for them. If not, they at least demand that the products talk to each other”.
On the other hand, Lieberman admits that there are downsides to UTM. “Some vendors just throw stuff on and customers see through this when performance suffers”.
Since Eva Chen’s philosophy is “security that fits”, Trend Micro’s focus is on alliances and partnerships. “We’re moving towards open standards”, he concludes.