Trend Micro's Latest Study Reveals Critical Insights on High-Risk Cyber Assets

Trend Micro's Latest Study Reveals Critical Insights on High-Risk Cyber Assets
Published on
3 min read

Trend Micro Incorporated  urged network defenders to gain greater visibility into risk across their attack surface, after unveiling a new study* which provides granular metrics by region, company size, industry, asset type and more. 

Sharda Tickoo, Country Manager for India & SAARC at Trend Micro: “Trend’s cyber risk report shares key insights on where risks are greatest within organizations such as weak security controls, misconfigurations, and unpatched actively exploited vulnerabilities. Shifting towards a more risk-based approach to cybersecurity—discovering the entire attack surface, using AI to calculate the actual risk, and providing mitigating controls advice—allows an organization to improve its cybersecurity posture like never before. This is a game changer for the industry.”

Using a risk event catalog, the Trend Vision One™ platform calculates a risk score for each asset type and an index for organizations by multiplying an asset’s attack, exposure, and security configuration by impact. An asset with low business impact and few privileges has a smaller attack surface, while higher-value assets with more privileges have a larger attack surface.

The following assets are the most at risk:

  • Devices: 22.6 million total devices, with 877,316 classified as high-risk.

  • Accounts: 53.9 million total accounts, with 12,346 classified as high-risk.

  • Cloud Assets: 14.5 million total cloud assets, with 9,944 classified as high-risk.

  • Internet-Facing Assets: 1.1 million total, with 1,661 classified as high-risk.

  • Applications: 8.8 million total applications, with 489 classified as high-risk.

The number of high-risk devices is much higher than that of accounts, even though there are more accounts in total. Devices have a larger attack surface—i.e., they can be targeted with more threats. However, accounts are still valuable as they can grant threat actors access to various resources.

Elsewhere, the report also found:

  • Americas has the highest average risk index among regions, with an average risk index rating of 43.4, driven by vulnerabilities in the banking sector and critical infrastructure and the region’s attractiveness to profit-driven actors.

  • Europe is the quickest region to patch vulnerabilities, indicating strong security practices.

  • Mining has the highest risk score of any vertical due to its strategic position in global supply chains and large attack surface.

  • Pharmaceuticals are the fastest sector to patch vulnerabilities by several days, reflecting the importance of protecting sensitive data.

  • The top detected risk event is accessing cloud applications with a high risk level based on historical application data, known security features, and community knowledge.

  • Old and inactive accounts, accounts with disabled security controls, and sensitive data being sent outside the network are other risk events with high event counts.

The report also uncovered many weak configurations that could lead to compromise, especially around security control settings.

As the threat landscape continues to evolve, organizations' ability to identify and manage risks is becoming increasingly crucial. The Trend Vision One™ platform, with its integrated Attack Surface Risk Management (ASRM), provides the necessary tools for comprehensive threat visibility and effective risk mitigation.

The following steps are recommended to help mitigate cyber risk:

  • Optimize product security settings to get alerts on misconfigurations.

  • When a risky event is detected, contact the device and/or account owner to verify the event. Investigate the event using the Trend Vision One™ Workbench search function to find more information about or check event details on the product management server.

  • Disable risky accounts or reset them with a strong password and enable multi-factor authentication (MFA).

  • Apply the latest patches or upgrade application and operation system versions regularly.

The report is based on telemetry data from Trend Micro’s Attack Surface Risk Management (ASRM) solution in its flagship cybersecurity platform, Trend Vision One™, plus the native eXtended Detection and Response (XDR) tools. It’s divided into two sections: the user side covers risk in assets, processes, and vulnerabilities, while the adversary side maps adversary behaviors, MITRE, and TTPs. Data points are based on telemetry from December 25, 2023, to June 30, 2024.

𝐒𝐭𝐚𝐲 𝐢𝐧𝐟𝐨𝐫𝐦𝐞𝐝 𝐰𝐢𝐭𝐡 𝐨𝐮𝐫 𝐥𝐚𝐭𝐞𝐬𝐭 𝐮𝐩𝐝𝐚𝐭𝐞𝐬 𝐛𝐲 𝐣𝐨𝐢𝐧𝐢𝐧𝐠 𝐭𝐡𝐞 WhatsApp Channel now! 👈📲

𝑭𝒐𝒍𝒍𝒐𝒘 𝑶𝒖𝒓 𝑺𝒐𝒄𝒊𝒂𝒍 𝑴𝒆𝒅𝒊𝒂 𝑷𝒂𝒈𝒆𝐬 👉 FacebookLinkedInTwitterInstagram

Related Stories

No stories found.
logo
DIGITAL TERMINAL
digitalterminal.in