Trend "Micro" loss...
Staff going rogue is the biggest threat they scream!
If Trend's crown jewels are not protected how can we trust their software?
Trend Micro today revealed one of its staff went rogue and illegally sold the personal information of roughly 68,000* of its customers. The security software vendor said names, email addresses, ticket support numbers, and in some cases phone numbers, of around one per cent of Trend's 12 million customers, were copied from an …
"If Trend's crown jewels are not protected how can we trust their software?"
Supposedly, Trend Micro and other AV vendors had their servers ransacked by hackers and source code up for sale on the dark web:
https://www.bleepingcomputer.com/news/security/fxmsp-chat-logs-reveal-the-hacked-antivirus-vendors-avs-respond/
Have you not seen the average "user"?
Training tends to just confuse some users even more (If they were even listening), although I don't mind the odd this email looks like it might be odd 20% of users end up questioning everything.
First of all.... Take a look at was 3rd party security is actually doing on endpoints. It is waaaay beyond anti-virus. There are some well respected security people out there (GRC) who continue to spout that mantra without actually taking a look at where the industry is today.
Second.... Until one key component is completely eliminated from the chain, there will always be a need for monitoring & securing the endpoint. It doesn't matter how well written, fundamentally secure, and locked down a computing environment is. As long as that key component defined as "user" exists, there will be a need for security.
Also, no matter how well trained or intelligent someone is, they can have an off day where they slip up and click on something they shouldn't. Endpoint software is so much more than just an AV provision so that when someone does slip up, and they will, the right action can be taken and the company protected as well as they can be