I've been using the tag line "information security is worse than you think" for several years. Every once in awhile, I meet with a security vendor who backs up my words with scary metrics. Last week in New York, Trend Micro filled this role.
According to Trend Micro's Chief Technology Officer Raimund Genes, the volume and potency of Web-based threats is now exceeding the industry's capacity to fight back. For example, Trend Micro says that it added approximately 50 new anti-malware patterns to its database each day in 2005. In 2008, the volume has grown 100 times, Trend Micro adds about 5,000 new patterns a day. As Phil Rizzuto used to say, "holy cow."
With traditional security software, vendors like Trend Micro develop new patterns or signatures and then upload them to customers running their software. The more patterns the vendors write, the more network bandwidth, storage, memory, and processor resources they use. Pretty soon your PC is using an inordinate amount of its horsepower for security.
Trend Micro believes this model is not sustainable and proposes an alternative. Its new service (aka Trend Micro Smart Protection Network) uses a lightweight client to communicate with Trend reputation . Reputation services proactively scan Web, e-mail, and file content, identify attack patterns, and then block this content in the network. The goal here is to use network connectivity and real-time communication to block bad stuff from happening in the cloud rather than relying on local pattern-matching databases and manual scans. The company says it believes it can provide better security with its new cloud-based model while freeing up resources on endpoints. A true win-win.
So will it work? Yup. Whether it's Trend Micro or its competitors, many security vendors are creating new hybrid models that enhance native endpoint security safeguards with additional network intelligence. The company may be the first vendor to walk down this road but it certainly won't be the last. All in all, this is a beneficial trend. Everyone wants strong security but when it takes 10 minutes to boot your PC each day, something is wrong with the current model.