IT security supplier Trend Micro has admitted that some of its products are not 100 per cent effective. In fairness, it is making this claim about the whole IT security industry, including itself. Trend's admission comes after it carried out 130 free "on-site security threat assessments" across a range of organisations with an average of 7,484 employees. The sample included a minority of Trend's customers.
All the organisations assessed had active malware of some sort on their systems. Some 80 per cent had malware that originated from web-related activities. This included 72 per cent with internet relay chat (IRC) bots—software agents that facilitate some sort of external communication to the web. IRC bots are often doing no particular harm and are not always in themselves malware, but the channels they keep open can be exploited by malware writers and they can generate unwanted network traffic. Information-stealing malware was found in 56 per cent of organisations and network worms in 42 per cent—both definitely bad.
Nearly all the organisations assessed had security software in place including firewalls, host-based malware detection and some sort of content filtering. So how is the malware getting through? The truth is that these security tools, taken together, do keep the majority of malware at bay, but the aim of the bad guys is to evolve their malware to keep ahead of security technology—and they often succeed. Why else would they keep going?
The situation is exacerbated by two other factors. First, the increasing mobility of the workforce; often user devices are used on networks beyond the control of a given organisation's IT security staff and become infected while connected to such networks. Although end-point security can help with this, many organisations do not use it comprehensively.
Second, malware is increasingly delivered via the web, rather than email. Most organisations have email filtering in place, but many have not addressed the more varied web traffic which encompasses a wide range of communications tools. There are now many tools and services available to control web traffic, but a threshold always needs to be set between controlling user activity and allowing the freedom to use the web productively—in other words 100 per cent mitigation of the web threat is just not possible other than by stopping its use altogether.
So why does Trend, which sells products and services to do most of the above, want to highlight some of its imperfections? Well, there is, of course, some self-interest—Trend has developed a new offering that it wants customers, and those of its competitors, to buy, to protect them from this background threat.
Trend has launched what it calls "Trend Micro Threat Management Services". There are three components:
- Threat Discovery Services: this goes beyond a free initial assessment to provide continual monitoring for new threats and regular reporting.
- Threat Remediation Services: cleans up existing problems and puts in place tools to make sure they do not happen again. This goes beyond standard host-based malware protection as it can seek out and prevent activity that spans multiple devices, for example a user requesting an image file from a web site, but being sent an executable file (includes Threat Discovery).
- Threat Lifecycle Management Services: ongoing advice and planning for better network management with regard to security (includes Threat Discovery and Remediation).
All well and good, but will customers buy it on top of all their existing security investments?
The services are aimed at enterprises (750 users and above). A free assessment can be applied for at www.trendmicro.co.uk/thinkagain. Beyond this, the Discovery Service starts at $15,000, while the full Lifecycle Management Service has an entry level price of $50,000. Time will tell if organisations are prepared to fork out for yet another layer of security or just accept the background threat. As is often the case, they will probably live with the latter, until a breach occurs that is so costly, it makes the Trend price for stopping it seem cheap.