The Cyber Risk is Measured in Euros: With TrendAI, Security and Business Speak the Same Language
The Cyber Risk is Measured in Euros: With TrendAI, Security and Business Speak the Same Language
In Milano Marittima, on June 10 and 11, the enterprise division of Trend Micro gathered partners for the ninth edition of its Academy, the first under the new TrendAI brand. The common thread is the name change from Trend Micro to TrendAI, where the first part referred to the microprocessor of its origins, and the latter now refers to artificial intelligence. It's not a simple rebranding; it's the way the company intends to illustrate how cybersecurity has already changed under the drive of AI.
Historically reserved for channel partners, this edition was open to clients for the first time and built around the theme of speed and races. The event carries a message that the company summarizes as follows: use artificial intelligence as an opportunity to manage consciously, so it accelerates innovation without becoming a brake. This is the framework chosen to explain a transition that, in intent, goes beyond marketing.
A Name Change Based on Data
Marco Fanuli, Technical Director Italy of TrendAI, illustrates the Italian technical route and immediately frames the choice of name as a transition matured internally. "It wasn't about chasing a trendy word or a trend, but a natural evolution," he asserts. The reason, he explains, lies in the company's history: almost forty years spent collecting security data from endpoints, the point from which much of the telemetry originates. It is this wealth of data, he insists, that makes the difference in the era of models.
"In the age of AI, you can have the most beautiful models in the world, but if you don't have the data, you cannot train those models correctly."
The starting point is a realization that goes well beyond cybersecurity. People are overwhelmed with messages, notifications, and prompts, and AI has accelerated this phenomenon. In the security operations center, the same happens: analysts deal with a continuous flow of alerts that never resets. It's easy, Fanuli reminds us, to finish the day having only examined the top alerts on the list, without certainty that they were the most important. Hence the idea of a platform that highlights what truly matters by sorting priorities not only by technical severity but also by business impact.
From Technical Risk to Economic Value
The economic quantification of risk is the topic that excites Fanuli the most because it addresses a pain point he sees daily with clients: the language gap between those who talk about vulnerabilities and those who decide investments. Cybersecurity is a technical issue, but it has also become a business matter, as research from the World Economic Forum and the Allianz Risk Barometer places cyber risk among the top concerns for businesses. With Cyber Risk Exposure Management (CREM), the company aims to bridge that gap by translating exposure into a figure.
"Today we can put an economic value behind every risk. From there, it's easier to understand priorities: not based on the technical severity of the incident but on the risk to the business," he explains.
The difference becomes concrete with an example: a critical vulnerability on a test machine is of little weight, whereas a less noticeable attack on a vital system—the mortgage management engine of a bank—holds much more value. During one of the demonstrations, a single compromised node translated into an impact of $1.7 million, a figure that is understood by everyone in the company. This is the bridge between the technical world and the financial one: where previously conversations would stop, now there is a common language that allows the security officer to communicate with the rest of the organization. It also helps sustain discussions with regulations, from NIS2 downwards, which have multiplied recently and added burden to those managing security.
The Analyst as CEO of a Team of Agents
The second lever is agent-based artificial intelligence. Faced with an increasing number of incidents and a chronic shortage of professionals, the platform delegates the job of selection and, where possible, automatic remedy to a network of agents. Beneath the operation center, Fanuli recounts, work various specialized models: those managing third-party integrations, those detecting specific malware, and those assigning priorities. In one of the demonstrations, while the operator had stepped away, the system managed 156 notifications, resolving about 80% autonomously.
The model does not replace the analyst; it promotes them. "The analyst must quickly transition from working hands-on to being the CEO of a fictitious company, overseeing a team of bots," summarizes Fanuli. The human in the loop remains: a person who delegates but also oversees, allowing agents to perform automatic remediation only when the reliability level is sufficiently high, through predefined procedures.
The delicate point is trust. Here, Fanuli uses two comparisons. The first is autonomous driving: self-driving vehicles can make mistakes, but the magnitude of errors is now comparable to human ones. The second comes from security itself, with technologies like data loss prevention (DLP) and intrusion prevention systems (IPS), which have always coexisted with false positives, and no one would dream of removing. The message is that a change in habits is needed.
"We need to get used to letting go of some work, just like a CEO who has done that work for years struggles to delegate at first," he admits.
In the background lies the evolution of attackers. Adversaries have organized like a supply chain: some specialize only in opening doors and then reselling access as a service, while others exploit it to exfiltrate data or launch ransomware. AI has further raised the bar, with malware capable of changing shape depending on context, increasingly credible phishing campaigns, and even bots that automate negotiations with victims. It is this context that makes data-driven defense not a luxury but a necessity.
The wager of TrendAI is all here: in the era of models accessible to anyone, competitive advantage lies not in the algorithm but in the telemetry that feeds it and the ability to translate it into something that the business can understand. The Vision One platform is the place where these three directions—data, risk quantification, and agent-based automation—converge. The real unknown is how quickly organizations will adopt a model in which delegating to a machine becomes part of the analyst's job, but for those defending businesses, the direction now seems charted.