Video: 10 Minute IT Jams - The latest from Tanium
Cyber security is evolving rapidly. For companies grappling with increasingly complex threats, one provider says integrated solutions and real-time response are critical.
Chris Cruz, CIO of Public Sector at Tanium, argues that the landscape has shifted dramatically- and businesses need robust, centralised systems to keep pace. Speaking to Teammate IT, Cruz outlined key trends shaping the industry, the innovations his own company has brought to market, and how lessons from the US could help Australia and the Asia-Pacific region.
Tanium bills itself as the industry's first and only provider of converged endpoint management, offering a platform that connects workflows, brings together teams, and consolidates security toolkits. According to Cruz, simplification is at the heart of its proposition. "Tanium is all about visibility, control, management and remediation on a single platform," he said. "Those are the key areas to sum up what we do. We do so much from a complexity perspective that I try to simplify our service offering and align with the priorities of our customers at hand."
He explained that real-time data is now indispensable, especially when making tough choices about cyber risk. "Real-time data is very important today, especially when you're making key decisions on cyber security issues, risks and breaches- these happen on an almost minute-by-minute basis across the globe."
Among its core abilities, Cruz highlighted risk-based management and vulnerability patching, explaining the challenge presented by today's hybrid work environments. "We live in what I call a hybrid work environment- the attack vectors have become more complex. Having a tool like Tanium as a single platform solution that mitigates risks and addresses transparency across the entire organisation is very seamless today."
In the ever-shifting threat landscape, innovation is key. In recent months, Tanium has developed enhancements such as its software bill of materials (SBOM), providing greater depth on technical issues for those triaging threats. "It's really giving technical people the detail around when they triage and manage and identify risks, providing that level of detail and how to mitigate those issues appropriately. Documentation is so important today," Cruz said.
For executives, the latest dashboard features and asset management developments are offering new levels of oversight. "It's really about dashboarding capability and having visibility and management while understanding what your risk threshold is and the level of maturity in today's environment," Cruz added. "Tanium provides that, pulling data from the endpoint to address all of that in real time."
Perhaps just as crucial, Cruz said, is the ability to automate where possible, especially as resources become strained. "Resources are lacking. We don't have the expertise, especially in government, to manage all the solutions we have. Having a tool like Tanium, that has those automation capabilities to provide information in a matter of seconds, is really key to preventing cyber security attacks and addressing ransomware."
Looking further afield- particularly towards Australia and Asia-Pacific- Cruz believes that lessons from the United States are instructive. Citing recent efforts by the US government to standardise and centralise incident response, he revealed, "The biggest issue is having a level of standardisation across your entire framework and ensuring an incident response and a level of risk management, and a common data repository for information on data breaches and incidents. In the US, the administration released an executive order that aligned with these processes, saying you need to have good patch solutions, vulnerability management, and the right response and controls in place."
For countries such as Australia, he suggests adopting these best practices, including centralising incident data so that mitigations in one organisation can inform others and prevent wider damage. "Australia could really benefit by those core processes and having a level of standardisation across their entire security framework," he said.
On the global stage, Cruz sees threat actors becoming increasingly sophisticated. He pointed to the rise in AI-powered attacks, "zero trust" security models, and the proliferation of cyber-attacks beyond the office in our remote work era. "The global issues I'm seeing are breaches, the ongoing proliferation of AI, and the need for more deliberate oversight. Zero trust and having a bonafide zero trust architecture in place with multi-factor authentication is essential as attack vectors increase," he explained.
He added that threats are no longer confined to computers, but now extend to mobile phones and even vehicles. "We're seeing hacking in the automotive industry now, and on our mobile phones as the new attack vector. No one is now immune from these types of incidents, whether it be a ransomware attack, a DDoS attack, or controlled management attacks from your smartphone to your laptop and into your corporate headquarters. The attack vector has spread and it's up to us to provide a basic common framework to manage that proactively if we're going to continue to remediate these issues at the highest level."
Tanium's solution, Cruz said, is holistic integration- uniting security and operations in one program and platform. "It's been becoming increasingly important that today the CIO and the CISO need to work together in what I call a collaborative partnership, and this goes back to common governance across your organisation. Having that in one platform is really the way to proceed and move forward."
He described the "Baskin Robbins approach" suffered by many organisations, where a proliferation of tools- "31 flavours"- can lead to confusion and inefficiency. "We had 31 flavours of tools in our toolbox and the left hand often didn't talk to the right hand… It left us in a bad position where there's little ROI, high risk, and lack of management," he said.
Education, Cruz warned, is just as vital as technical prowess. "A lot of it has to do with education and training. I always say that cyber security is everybody's responsibility- you need to educate, train and make your employees aware of what's out there," he said. Social engineering, phishing, and email-based attacks remain pervasive, and organisations must be prepared with clear communication protocols and contingency planning. "Having an education and contingency plan in case there is a hack or some kind of breach that brings down your critical systems and processes- what are you going to do to continue business operations appropriately?"
He admitted that organisations often overlook such basics, saying, "These are areas that are quite often overlooked by organisations. Do you have a cyber security strategy, and does it include the necessary priorities and objectives?"
In closing, Cruz underlined Tanium's commitment to partnering with customers, understanding their business challenges, and rapidly deploying solutions that deliver return on investment. "We take everything as a business problem and look at that transformation and innovation around that business problem, and then what Tanium can potentially do to address those problems expediently," he said.
"We want to ensure you're making the best investment decisions when it comes to cyber security tools in a single platform," he concluded.