Trend Micro study reveals visibility and control gaps are undermining security

Toronto, June 13, 2022 – Trend Micro Incorporated (TYO: 4704; TSE: 4704), the leader in cloud security, announced the findings of a new global study indicating that while organizations across the globe are struggling to define and secure an expanding cyber-attack surface, in Canada, 81% of organizations have at least somewhat defined it.

Trend Micro surveyed 6297 IT and business decision makers across 29 countries to compile the study. To read a full copy of the report, please visit: https://www.trendmicro.com/explore/trend_global_risk_research_2/the-challenge-of-man

The study revealed that 88% of respondents in Canada believe their organization have a well-defined way to assess the risk exposure of its digital attack surface, and more than half (53%) would describe their organization’s digital attack surface as being “complex but controlled.”

Despite the above, over two-thirds (69%) of Canadian respondents are concerned about having a broadening attack surface, and only 42% plan to invest in security tools and technologies to combat it this year.

Visibility challenges appear to be the main reason organizations struggle to manage and understand cyber risk in these environments.

The research shows that almost two-thirds (60%) of Canadian respondents said they have blind spots that hamper security, with cloud environments cited as the most opaque (41%). On average, respondents estimated having just 57% visibility of their attack surface.

These challenges are multiplied in global organizations. Two-fifths (40%) of respondents in Canada claimed that being an international enterprise that spans multiple jurisdictions makes managing the attack surface harder.

Yet more than a quarter (27%) are still mapping their systems manually, and 20% outsource this task —which can create further silos and visibility gaps.

“As organizations grow and incorporate digital and cloud transformation into the fabric of their business, they are unknowingly expanding their attack surface,” said Greg Young, Vice President, Cybersecurity at Trend Micro. “By identifying the areas where they struggle the most, companies can determine the correct approach to assess risk and develop a thorough security posture. It’s time for companies to begin using a unified, platform-based approach.”

The study also revealed that over one-third (36%) of Canadian organizations don’t believe their method of assessing risk exposure is sophisticated enough. This is borne out in other findings:

• 58% of organizations currently have a moderate risk exposure
• Nearly half (48%) of respondents consider cloud service misconfigurations of cloud assets as the biggest risk exposure when it comes to their organization’s attack surface
• 8-in-10 (84%) of organizations review/update their risk exposure in relation to their digital attack surface at least once a month
• Just 18% review risk exposure on a daily basis
• One-third (34%) of organizations feel fully exposed to the cyber risk of phishing
• 44% of respondents consider phishing or email attacks as the primary way of a cyber-attack starting against their organization

Read the French release here.

About Trend Micro
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defence techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world. www.TrendMicro.com.