This April brought back Tanium’s first federal customer user conference since the pandemic screeched onsite events to a halt in 2020. In a reimagined style, our teams brought back a re-invigorated experience that took place in Tyson’s Corner, the heart of the DC region’s tech corridor. The event was comprised of several keynotes, panels, breakout sessions and labs, that cultivated dialogue around key strategic cybersecurity initiatives impacting the federal technology space.
Here are our top 10 Takeaways from this year’s conference:
1. The Myth of Having Visibility and What You Can’t See
Endpoint visibility is the corner stone of every cybersecurity initiative happening at the forefront of our national defense strategy, including Zero Trust, SBOM, threat hunting and more. In our fireside chat between myself and ServiceNow Federal CTO, Jonathan Alboum, we discussed how often agencies realized that they were missing up to 20% of endpoints they didn’t even know they were missing. Having better data at speed and scale enables leaders to get the most value out of all their tools, and converges teams around a single control plane for that data.
2. Public-Private Collaboration is Paramount to Defending Critical Infrastructure
One of the most pivotal calls to action in the White House’s most recent National Cybersecurity Strategy is enabling public-private partnerships to better defend and modernize federal networks for a stronger cyber posture. That common thread revealed itself in both of our panel discussions with Microsoft and ServiceNow. Each of these partnerships and integrations are creating that single source of truth necessary to support warfighters and civilian cyber analysts in a way that is driving real ROI and productivity gains.
3. Challenging the Gender Gap is Necessary for Strengthening Cyber Defense
United States Marine Corps Assistant Director and Deputy CIO Renata Spinks and Tanium Chief of Staff Harman Kaur dove into lessons learned and personal stories from breaking down gender barriers in leadership and challenging the status quo. This paradigm shift is essential to creating and ensuring more tactically diverse cyber defense strategies that are more adept to meeting the continuously evolving cyber threat landscape.
4. The Key to Cyberspace Superiority is to Secure, Survive and Strike
Cyber has truly come a long way in becoming one of the five principal domains – including sea, land, air and space. During his opening keynote remarks, Principal Cyber Advisor to the Department of the Navy Christopher Cleary explored why this vision is imperative to ensuring systems are secure; that critical infrastructure and weapon systems are survivable and sustained, and that cyber operators can strike in cyberspace on favorable terms. But a central cyber warfighting architecture and vision is imperative to bringing each of these strategies together, otherwise the individual tactics are “all thrust, no vector.” As Cleary put it, “a ship with no port cares not which way the wind blows.”
5. The Best Cyber Warfare Strategy Can Be Found in History and a Good Book
According to Prussian Napoleonic War general, Carl von Clausewitz, in his book on military strategy, “war is the realm of uncertainty; three quarters of the factors on which action in war is based are wrapped in a fog of greater or lesser uncertainty.” Tanium’s Ed Debish explored that concept’s relevance to the cyber warfighting domain and how CIOs and CISOs can enable warfighters to drive down cyber risk in the “fog of war” by focusing on reducing uncertainty, quantifying the cost of poor cybersecurity practices, and using the right tools to speed up critical decision-making cycles.
6. Data is the Fuel that Accelerates Decisions and Increases Confidence in Network Resilience
Decision models and concepts of cyberspace operations can help a CIO/CISO organize how they think about network risk and resilience. Managing risk-to-network (R2N) has implications from trust decisions involving automation and conditional access to the identification of key-cyber terrain and threat vectors. Tanium’s Kyle Dewar examined how to frame network risk around essential drivers to risk (vulnerabilities, misconfigurations, unauthorized devices), measurements of performance (enterprise and endpoint actions, and network areas of interest), and measurements of effectiveness (real-time data and reporting).
7. Threat Hunting Has to be Comprehensive at Scale and Speed
With the right synergized solutions in place, agencies can enhance investigations and dynamically hunt for threats using real-time data and integrated remediation. The right capabilities can also enhance conditional access without performance impacts that achieves Zero Trust at scale while reaching all discoverable devices for real-time asset inventory.
8. Satisfying CDM requirements Should Be Made Easier
The right solutions can automate tedious context-switching between tools and reconcile outdated data, allow agencies to monitor file changes, and diagnose performance issues. Federal organizations that have these integrated workflows in place will optimize software, hardware and cloud costs while reducing risk with real-time visibility and CMDB data you can trust.
9. Integrations Can Have a Synergistic Effect on Technology Investments
Tanium’s JB Bailey detailed how ServiceNow customers can generate more insight while building confidence and agility by integrating Tanium into ServiceNow. This workflow helps customers see everything so they can do anything; with Tanium and ServiceNow, customers can contextualize the real time data Tanium delivers in customizable visualizations that generate a decision advantage for IT Operations teams.
10. Zero Trust isn’t Going Anywhere, But Adoption Can Be Easier
Meeting Zero Trust can be a significant undertaking, especially for large and complex IT environments. But getting the end user and device authentication piece right can help organizations to take a significant step in the right direction, by protecting their most critical apps and data. Microsoft’s Security and Compliance expert, Jay Pelletier and Tanium’s Ed Debish, discussed the comprehensive integration between the Tanium platform and Microsoft’s Azure Active Directory. Customers can leverage real-time device data to ensure that conditional access decisions are always made based on the latest information. And thanks to Tanium, there’s a quick and easy way to remediate non-compliant devices, thus enabling the Zero Trust activities while minimizing the productivity impact on users. Additionally, this solution directly advances the Department of Defense’s core Zero Trust tenants identified in the U.S. Department of Defense Zero Trust Strategy.
Events like Tanium’s FedCyber Exchange are essential mediums to connect CIOs, CISOs, CTOs, experts and thought leaders. The effect is an acceleration of learning, thinking, and discussing the top issues and challenges facing today’s cyber leaders. Opportunities to think critically about cybersecurity technologies are becoming more common and these conversations will have a cumulative effect on network readiness, cyber resilience, and threat reduction across our federal networks.
Learn more about how organizations across the federal government are using Tanium to address emerging threats, cybersecurity mandates and beyond.