About 15% of devices connected to businesses are invisible to IT departments. From this hard truth, Tanium, one of the world’s leading cybersecurity startups, was born. Its clients include more than half of the Fortune 100: financial institutions, the largest distribution companies and governments. Its latest fundraising round last October reached $200 million, totaling more than $700 million. Interview with Dagobert Levy, Regional Vice President, South EMEA, Tanium.
The company, founded by a father and son, has emerged with a technological solution that meets a basic need for real-time visibility of computer assets and installed applications. The stakes are high and the solution, as you will see, is far from simple.
Launched five years ago, this US-based phenom is ranked fourth on the Forbes “Top 100 Private Companies in Cloud Computing for 2018,” which focuses on game-changing companies.
You say that businesses see just 85% of devices that are connected to their networks. How is this possible?
The cyberattacks of 2017 brought to light that companies had only a fragmented vision of their networks, presenting a considerable threat.
One of the explanations is that business structures become complex, especially after periods of acquisitions and mergers. Over time, they accumulate multiple terminals and applications, sometimes without being able to identify them all.
The digital transformation of companies is another important factor. Companies are asked to replicate uses that are close to those of consumers, with the use of GAFA tools for example. Environments are increasingly spread out. Large companies have a physical presence in dozens of different places.
It becomes very difficult to have exhaustive, real-time visibility. Companies face the problem of data sourcing: how to share information between all IT department stakeholders in a compliant, responsible manner. This is the challenge facing businesses today.
Is this one of the reasons why the WannaCry ransomware has done so much damage?
Malware thrives on the invisible part of the computer platform. Indeed, in the case of NotPetya or WannaCry, Microsoft had published a missing patch before the attacks were launched. To avoid being impacted, we had to make sure that we applied this patch to all of its terminals.
Imagine, WannCry continues to do damage even today! This worm attacks machines under Windows that have not been patched. And where are the most vulnerable ones found? Forgotten somewhere in the infrastructure of giant entities like hospitals, banks, government agencies, telecom service providers, universities, etc.
“Visibility and control of all connected assets are the key challenges in cybersecurity.”
Knowing 100% of your computer inventory seems to be the minimum. In your opinion, what is the key to a bulletproof security policy?
Without visibility, you do not control anything. Businesses are becoming aware of this. But much of the work remains to be done. It has been noted that, one year after WannaCry, few concrete actions have actually been put into place, because it’s difficult to have full visibility of your computer system. It took us a long time to develop a concept that makes it possible.
For the past 20 years, the industry has created solutions to address the complex problems it encountered. In companies today, there is a resulting patchwork of solutions that do not communicate with each other.
Tanium can communicate with its fleet of workstations and servers, answering questions that may seem simple but are not: how many assets do I have in my company? Are they compliant? Are they properly patched? Are they facing an attack and how can I respond?
All of these questions are answered…in real time.
How do I know if a workstation is under attack?
National security agencies issue alerts based on verified compromise indicators. Thanks to our total visibility of the connected platform, we are able to instantly measure these indicators in a company and quickly resolve them.
Visibility and control of all connected assets are the key challenges in cybersecurity. There is much talk about artificial intelligence, machine learning and the ability of advanced cyber detections, but if you do not know the fundamentals – what you have and how it is configured – all other efforts will be in vain.