All-round security from Trend Micro for businesses

Dhanya Thakkar, vice president, sales of Trend Micro AMEA

How do you assess Vietnam's overall cybersecurity landscape?

In the first quarter of 2019, Vietnam consistently took the top spots in Southeast Asia as a country targeted by several threat categories, including ransomware, banking malware, macro malware, and email threats.

The banking sector in Vietnam continues to be an attractive target for cybercrime. The International Monetary Fund estimates financial losses as a result of cyberattacks to be close to 9 per cent of the bank’s net income globally, or around $100 billion.

Macros are legitimate programmable patterns used in enterprise software, such as Microsoft Office. However, cybercriminals are now misusing them to trick users into downloading malicious content.

Email continues to be the most popular gateway for threats to take advantage of, and threats targeting email are evolving and becoming more sophisticated. 97 per cent of ransomware attacks now arrive via email. Trend Micro has been recognised by Forrester Research as a “leader” in email security in 2019.

However, I see that the awareness of Vietnamese people and enterprises have been improving significantly. The government is really paying much attention to cybersecurity, although there are still so many tasks ahead.

What is your opinion about fintech and banking companies' spending on security?

Overall, in the Vietnam market, I think security investment is increasing. The government is taking really keen interest in making sure, even from a regulation perspective, that things are a lot clearer. Three years ago when we were doing business in Vietnam, we had to work really hard to convince people that security is important.

I think now customers are asking us what we need to do from a security perspective, especially on the bank side. At this luncheon we had about four-five banks today and three weeks ago we had another six banks of Vietnam visiting Singapore. The message was very straightforward: we need to do more on security. The good news is everyone wants to learn, there is definitely a lot more interest in cybersecurity from a banking standpoint.

Why do they call Trend Micro's security solutions inclusive?

We provide all-round security including three parts. Of these, endpoint security is the most familiar form of cyber defense for enterprises. But in recent years, new technologies have emerged. EDR (Endpoint Detection and Response) is a more advanced technology that enhances threat visibility beyond the scope of traditional endpoint security. Trend Micro’s Apex One uses an advanced EDR toolset that records all endpoint events, allowing security teams to better understand how an attack has taken place. Moreover, EDR allows security researchers to do proactive threat hunting, using intel received from government agencies or third-party threat research organisations.

In the age of advanced threats that are capable of evading firewalls, enterprises need more to protect their network from being penetrated. Many companies are turning to a standalone intrusion prevention system (IPS) to provide an additional layer of robust protection. An IPS can not only detect inbound and outbound traffic, but also lateral movement – for when the threats have bypassed the firewall and now need to be stopped within the network. Backed by our strong research capabilities – the Zero Day Initiative, the world’s largest vendor-agnostic bug bounty programme – our IPS can shield companies from known and undisclosed vulnerabilities.

Enterprises cannot solely rely on endpoint security to secure their servers, they need dedicated server security. Not only that, many enterprises in Vietnam have embarked on their digital transformation journey, adopting technologies to increase overall productivity and efficiency. This means companies are constantly evolving their server environment, from on-premise servers, to virtual machines, and to cloud workloads. They need a security solution that provides seamless protection at every step of the journey.

What are the strongest points of Trend Micro against the products of other competitors?

In my opinion, the strongest point is connected threat defense (CTD) which offers a layered security approach with a better way to quickly protect, detect, and respond to new threats while simultaneously improving visibility and streamlining investigation across organisation. If an attack is detected, threat intelligence is shared across all products for real-time protection at the endpoints, the network layer, and the servers.

One of the strongest points is the connected threat defense. We are able to make multiple security solutions work together in one unit. If each product is a superhero, then we have many superheroes working together to fight cybercrime. That is one of the strongest points of Trend Micro.

The second thing is our team. None of our competitors have such a large presence both in Hanoi and Ho Chi Minh City the way we have. We believe that the best way to support Vietnamese customers is by having local presence in Vietnam, not remotely in some other country like Singapore or somewhere else. We invest heavily in the local market and that is where we are unique compared to other companies.

It is both the technology and the people, especially the people.

While the target clients of Trend Micro are big companies, the Vietnamese business community is made up in a very large proportion by small- and medium-sized enterprises (SMEs). How are you planning to deal with this sizeable difference?

We do have a consumer in the small-medium business but we as a team focus heavily on the enterprise side. For SMEs, we work through MSP to provide security solutions. So we educate the MSP on some of the solutions that we have. For example, we have a product which focuses on small and medium business. But it’s not our team that focuses on this area directly, we work through partners who provide those security solutions.

Regarding the awareness, there is a lot more work to be done on the Vietnam side for SMEs. We have just reached the point where enterprises are beginning to care about security. SMEs are a long way away before they realise the value of security.