Onstage, AWS representatives participated in a “fireside chat” highlighting the main challenges their customers have: misconfigurations are a prominent and common threat, and the solution is adding more data to better manage risk in your attack surface.
“If you have an attack surface risk management system in place, and cloud is one of them, it’s important to bring data in there and understand where that data is stored.”
Security operations (secops) in large enterprises is different than in smaller businesses, but the challenges they face are similar, including how to respond, how to maximize resources and how to use enhanced detection and response effectively, Phillips said.
Additionally, by bringing together risk management systems across your attack surface, network identities, endpoints, and cloud in one place, you can gain instant context and move towards structured, predictable responses.
There’s a lot of hype around artificial intelligence, but it’s not always being delivered, Philippe said, and its benefits need to be explained in a more concrete way.
At the time Gartner said 75% of organizations were looking for security platform consolidation, Trend Micro was promising that its generative AI, called Vision One, was already permeating the entire platform.
“Customers see the benefits immediately across the platform,” Philip says. “Security-trained staff are hard to come by, so being able to upskill is a big benefit.”
Other vendors were also developing their own AI, meaning that multiple different AI “companions” could infiltrate today’s organizations.
While platform consolidation is the answer to many challenges, it’s impossible to be everything to everyone, he added, and Secops needs to “get on with it.”
While AI is becoming a key part of modern cyber risk management and response, overall AI security was becoming an area where customers struggled.
“No matter how it’s implemented, an unstructured and unclassified model means data is at risk,” Philip warned.
“AI will be the next big shadow IT problem.”
The A/NZ event concluded with a fireside chat with Eghbal Ghazizadeh, Cyber Security Manager at Mercury Health, who discussed key points for cyber leaders, including reporting lines and operational challenges.
One area in particular that Trend Micro has been working on is how to quantify cyber risk.
The company’s Vision One application provided assistance by allowing executives to track their organization’s risk score and compare it to the industry average.
“These numbers need context,” Philip says, “so you can avoid a barrage of calls and meetings.”
