“The past year has been truly terrifying. The rapid growth of AI is unimaginable," Eva Chen, CEO of Trend Micro, sighed. It was December 5th, and she had just stepped down from the stage at Fukuoka International Conference Center, still dressed in the traditional Japanese festival attire she wore moments earlier to kick off the “2023 AI Hackathon" competition.

This pace is also reflected in Trend Micro's revenue.

The Vision One platform is a cloud-based service offered by Trend Micro that operates on a subscription basis. It hosts a variety of software services in which subscribing customers can easily upload data from their devices that they want to monitor onto Vision One. This platform enables them to effortlessly detect and address any computer security issues that may arise.

The rapid development of generative AI has created a challenge for cybersecurity departments in various companies struggling to keep up. Traditional cybersecurity software can only monitor individual devices, but Vision One, a comprehensive security management platform from Trend Micro, has emerged as the fastest-growing solution in the company's history. In 2023, driven by the increasing global demand from customers, its annual recurring revenue increased by 20%, reaching over US$745 million.

Rise of generative AI intensifies cybersecurity impact

The urgent and rapid effects of generative AI on cybersecurity presented Eva Chen with unprecedented challenges. On the one hand, she needs to ensure that Vision One is effective, while on the other hand, she has to ensure that the company's personnel keep pace with the wave of the AI era.

In early December of this year, she organized a "2023 AI Contest" within the company, and the Final AI Hackathon was hosted in Fukuoka. Participating teams were required to develop a problem that could be solved using AI and design a concrete product within 24 hours.

More than 1500 employees from the global workforce of 8000 flew from different parts of the world to Fukuoka to participate in the competition. They set aside at least four workdays to be part of the event. This massive mobilization had one singular purpose.

"We must be more proficient in using generative AI than the hackers," emphasized Eva Chen. "This applies not only to cybersecurity issues but to every aspect of our work."

As per Trend Micro's detection statistics in Taiwan, the number of malicious links originating from mobile devices has risen significantly to over 1.3 million in the first half of 2023. This marks a notable increase of almost 60% compared to the same period last year, which had slightly over 800,000 malicious links.

The number of attacks aimed at businesses has recently reached a peak that hasn't been seen in almost three years.

“Generative AI has played a crucial role in increasing phishing and ransomware attacks. These attacks can be customized and widespread, making them more frequent. At least half of the small and medium-sized enterprises in Taiwan have been targeted by ransomware attempts from hackers,” Bob Hung, the Taiwan regional manager of Trend Micro, estimates.

"Aging population coupled with a declining birth rate makes it increasingly difficult to find cybersecurity talents," pointed out Omikawa Akihiko, Board member and Executive Vice President of Trend Micro, as this has been a common sentiment expressed by customers in recent years. He led the reporter from CommonWealth on a tour of the newly renovated Tokyo office located in Shinjuku, adopting an open-plan style favored by younger generations. Not only does it boast three sides of panoramic windows overlooking various Tokyo landmarks, but it also features a Starbucks café right within the company premises. "The design breaks away from the confines of standard seating areas, allowing employees more opportunities for discussion, interaction, and socialization," he explained. "The innovative and comfortable communal space also encourages employees to come to the office."

Due to the shortage of workforce, platforms have been able to see this as an opportunity.

Vision One has seen the challenge of finding a workforce as an opportunity. Vision One was first launched to respond to the growing trend of customers moving to the cloud. However, during the development process, it also addressed the need for cybersecurity solutions due to the "information fatigue" and the shortage of skilled personnel in the AI era.

The platform aggregates notifications from various cybersecurity devices, such as emails, the internet, and OT, and sorts them based on risk and urgency for attack notifications.

Furthermore, despite insufficient cybersecurity personnel training, the platform's built-in LLM can directly communicate with responsible individuals in a ChatGPT-like manner.

"In other words, Vision One highlights the top 2 most critical ones of 100 incidents, presenting them in plain language to let the information security team know what needs to be handled first," explained Jason Yueh, the Vice President of Technology at Trend Micro.

According to Trend Micro's statistics, Vision One's efficiency equals approximately 8 information security analysts' workload.

Matthieu Vanoost, the Security Manager at Decathlon, a sporting goods retailer, said that not many companies can assist them in solving all platform-related issues. However, with Vision One, they do not have to gather information from different platforms, which makes the process highly efficient.

Vision One handles enterprises' massive volume of alerts by effectively shifting the burden to Vision One’s backend. The platform receives one terabyte of system logs daily from enterprise clients.

This represents a substantial amount of data. When Vision One was launched in 2019, Trend Micro mobilized about 300 RD engineers from its global team of 2,000, dedicating their full efforts to this project. The company also restructured its organizational hierarchy, moving from traditional hierarchical management to a flatter structure.

"Flattening the organization increases freedom," said Jason Yueh. He also acknowledged that this organizational structure significantly challenges individual judgment capabilities. Still, Vision One could go live in less than a year with the help of a flattened organization. With this, more accurate alerts can be assembled by extracting attack-related information from the platform in the cloud and piecing together these cross-product attack details.

Previously, software products could only be updated once a month, meaning users had to be notified to stop using the product temporarily. However, Vision One can update continuously without causing any disruption. As Jason Yueh pointed out, updating multiple times a day is not an issue if there are new features.

Generative AI can address the issues caused by Generative AI.

Bob Hung shared that generative AI is also valuable for collaborative cybersecurity defense.

For example, in the past, it was challenging to obtain phishing emails in less common languages for AI models to identify. However, generative AI has solved this issue.

The winning team at this year's Fukuoka AI Hackathon used LLM to categorize vast Trend Micro customer data. This helped marketing personnel analyze and identify the products that customers needed.

Jason Yueh highlighted that Trend Micro was already developing similar tools before the competition, but the team came up with innovative ideas. One of the innovative features introduced was using language for emotion detection to comprehend customer satisfaction and predict customer needs. This feature has now been included in the tool.

Even if we cannot create new value through generative AI, it is crucial to minimize the harm caused by generative AI.

"The weakest link in cybersecurity is often the company's people," said Eva Chen. "It's not about preventing hackers, but rather preventing human error."

One of the most prevalent types of generative AI fraud is when AI mimics the style of company executives to request fund transfers from the finance department. However, in the future, it may not only be targeting emails but also real-time communication platforms such as Teams, Slack, and others, which companies commonly use.

"The speed at which cybersecurity risks are increasing has exceeded everyone's imagination," cautioned Eva Chen, especially in the AI era. "No one should be indifferent to this issue," she emphasized. 

---

Have you read?

• How Taiwan cops bust crypto crimes
• Taiwan’s white-collar fraud infiltrating banks
• Facing massive data leak, Taiwan fails the test

Uploaded by Ian Huang