Governments have always been a popular target for threat actors. The sector was more impacted by malicious files than any other last year, according to Trend Micro data. Increasingly, the key to mitigating risk in these often highly distributed and complex IT environments is to combine threat prevention with effective detection and response. Yet many security vendors are pushing their government clients to adopt SaaS tools, which ignores the reality that public sector organisations are often not ready or willing to migrate.
Trend Micro’s approach is more rooted in reality. We understand that government IT systems are often a hybrid blend of cloud and on-prem. And we know that sometimes SaaS isn’t the right deployment model.
Why governments need XDR
Public sector organisations are a popular target for just about every type of threat actor. Hacktivists looking to make a point or further their own government’s geopolitical aims. State operatives probing for vulnerabilities and persistence with an eye on future conflict, or geopolitically important intelligence. And financially motivated cyber-criminals looking for highly monetisable personal and financial information, which governments hold on their citizens in vast volumes.
It's getting increasingly challenging to defend against these threat actors, especially in light of government IT modernisation efforts. Cloud migration, IoT-based smart city technology rollouts, AI-based data analytics initiatives and more all offer the prospect of enhanced public services and greater value for money for the tax payer. But they also expand the cyber-attack surface.
In this context, no government can be 100% breach proof. That’s why more effort needs to focus on threat detection and response, designed to spot and contain incidents before they’re able to make a serious impact. Extended detection and response (XDR) tools like Trend Vision One can add tremendous value by collecting insight across the IT environment, collating it in a single data lake and running smart analytics against it, to uncover the anomalies indicative of a looming threat. Not only can such intelligence be used to prevent an attack from spreading, but it can also help organisations to patch critical vulnerabilities and build resilience in time for the next attack.
Winning in the hybrid cloud world
Trend Vision One goes beyond regular XDR by collecting threat intelligence from multiple layers of the IT environment: networks, server, cloud, endpoint and email. But there’s more. We also understand that government IT is typically a complex blend of on-premises, private cloud and public cloud deployments. For security, compliance and possibly even cost reasons, on-premises systems are still favoured in many cases.
The security market’s obsession with migrating customers to SaaS-only deployment can therefore be frustrating to government IT leaders. We see many global vendors pushing their SaaS licensing models but we understand our customers’ need for hybrid environments. Our CEO Eva Chen has always acknowledged this and continues to build our platform around accommodating hybrid security and the support of legacy operating systems.
This approach enables for example government customers to use a single Trend Vision One deployment to manage their entire environment. This can:
- Reduce the security coverage gaps that may appear when organisations are forced to use multiple products to cover on-prem and cloud
- Minimise the resource drain and associated costs that point products can levy on stretched government IT teams
The bottom line is this: with Trend Vision One, government customers can take a big leap forward in mitigating risk across their attack surface, without disrupting their IT environment. But don’t take our word for it. Forrester has named Trend Micro an industry leader in XDR, saying that we offer a robust, easy-to-operate security suite.