CRN: In the meantime, what are end users supposed to do if they get hit with something?
CHEN: That's why isolation is important. We've come out with this new product that sits on the network and allows us to isolate a certain port or a certain protocol. We don't identify the specific virus, but we can say we now know that there's something fishy going on.
CRN: This new product obviously has to leverage some heuristic technology to do that kind of analysis. What is your take on heuristic technology?
CHEN: Most of the heuristic technology failed because it was too ambitious. If you have big ambitions for heuristic solutions, I would say it is impossible to achieve. I think it's great theoretically, but it's just very hard to do. We are very, very modest in heuristics. I only want to detect virus outbreak; I'm not detecting it before it happens. It's about early warning rather than immunization. We put these agents out there to monitor the traffic.
CRN: Once that is in place, does it mean that people then can start to implement policy management based on traffic patterns?
CHEN: That's why one of the major functions that we're putting into this product is called policy enforcement, or the patch policy security baseline enforcement. When a machine first connects to the network, we check if you're complying to the policy. If not, then I can isolate you from the network temporarily and force you to, say, update your virus pattern file or do the patch before you go on the network. We can also limit the false positives, and customers don't need to write their own policy, although we do provide the interface if they think they want to write their own policy.
CRN: Given all of that, how do you differentiate Trend Micro from Symantec or Network Associates?
CHEN: Attacks know how to use network resources, so why shouldn't an antivirus company use network resources? We say they are using network resources; therefore, the defense is to deploy the agent around the network and come out with a network defense plan. The other reason I think Trend Micro is better than its competitors is its service infrastructure. They don't have the same level of infrastructure support with rapid updates and 24-hour support, which is harder than just crafting the technology. Our support is 24 hours. You can always call, and there's always somebody there. The real business we are in is not even just security. I call it software environment risk management. That is the real business we are in.
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
