Partners and partnering were top of mind during Day 1 of Tanium Converge 2022, the company’s annual conference for global IT and security professionals, held this year in Austin, Texas.
“Our job is to be your partner,” said Tanium co-founder and CEO Orion Hindawi to the audience, which included some of the 1,000+ people registered to attend live in Austin and the more than 3,000 people from nearly 60 countries registered to join the event online. “I want Tanium to stand with you.”
That includes Tanium’s corporate partners, a group most recently joined by Microsoft. “Two years ago, I didn’t think it would be possible for us to partner with you,” Hindawi said during his conversation with Rob Lefferts, Microsoft’s corporate VP for modern protection and security operations center (SOC). “Now I’m excited that we have.”
Indeed, much of Tanium’s early successes were based on gaps left by Microsoft products. Now that’s changed. Hindawi recounted how, during a recent phone conversation, Microsoft CEO Satya Nadella asked why their respective companies weren’t yet partners. Microsoft’s priority, Nadella added, was the success of its customers. If partnering with Tanium could help Microsoft’s customers, he was all for it.
Fast-forward to Converge 2022, and Lefferts of Microsoft said he’s relieved by his company’s new openness to partnering. “It helps us accomplish our goals and meet our metrics,” he said. “We’re here to protect our customers, and we’re all in for tools that can help. We need the good guys to work together.”
Accent on Accenture
Another Tanium partner, professional-services firm Accenture, was represented by its CISO, Kris Burkhardt. Accenture is not only a Tanium partner, but also one of Tanium’s customers.
“We work with only a few top vendors,” Burkhardt said in a conversation with Hindawi. “Because we have over 700,000 employees, we look for scalability. But it’s not just size. It also means the flexibility to do releases, handle exceptions, and meet our needs as we change.”
Burkhardt plays a double role with users, too. He’s responsible for the security of Accenture’s employees and systems. But Burkhardt also gets called to help with security issues faced by Accenture’s corporate clients, in part because for those clients, Accenture performs core parts of their business.
Like many security executives, Burkhardt is troubled by the proliferation of point-solution security tools. “Sometimes it seems like there are a billion of them, yet we still don’t have the tools we need,” he said. “I’m always worried there’s a gap we didn’t cover. So we use Tanium to cover the gaps.”
XEM marks the spot
Steve Daheb, Tanium’s chief marketing officer, played emcee for Day 1 of Converge 2022 and also led a session on Tanium Converged Endpoint Management (XEM). During his presentation, Daheb presented some alarming statistics:
- The average organization now manages 135,000 endpoints.
- A ransomware attack occurs every 11 seconds.
- Many organizations lack visibility into as much as 25% of their endpoints, yet 70% of organizations have experienced breaches through unknown assets.
- Patching a software vulnerability now takes, on average, a full 205 days.
“What if you could see every endpoint, in-depth, in real time, that you could remediate in real time, and that you could do from a single, integrated platform?” Daheb asked the audience. “That’s what we’re offering with XEM. It’s a real paradigm shift.”
Daheb mentioned several customers that have partnered with Tanium for innovation and problem-solving. They include Con Edison, which provides power to some 10 million people in and around New York City; Genpact, a professional services firm that, with Tanium’s help, has reduced its network costs by 75% while hitting 99.9% compliance; AutoNation, the largest U.S. auto retailer, which uses Tanium to remediate unpatched endpoints in less than an hour, a task that used to take the company days; and Sutter Health, which works with a third party to ensure all its 24,000 small and midsize vendors have installed Tanium on their endpoints.
Later in the morning, Tanium’s chief product officer, Nic Surpatanu, took Converge attendees for a ride along the company’s product roadmap.
For starters, he discussed two new products, Tanium Benchmark and Tanium Software Bill of Materials, or SBOM for short. Benchmark provides an industry first: a comprehensive view of company performance based on data from both the company’s own software estate and its industry peers. And SBOM gives organizations new visibility into their complex supply chains, allowing them to quickly determine whether they’re exposed to a security threat, and if so, where.
The two systems can be used together. In a demo, Julia Grunewald, a Tanium product-management director, showed how SBOM can tell a company which of its software assets use vulnerable code (such as Log4j) and whether they’ve been updated; then it can actually do the updates. Next, a company can use Benchmark to show how those updates have helped its overall performance.
Coming soon from Tanium, added CPO Surpatanu, are solutions that address two big issues: the proliferation of security tools, and the massive shortage of cybersecurity workers. Tanium will take on these challenges by offering convergence — the ability to consolidate tools — and greater worker productivity with the ability to understand every asset, no matter how many and how geographically dispersed.
More specifically, Tanium is working on autonomous endpoint management, which as Surpatanu described, comprises four key elements:
- Graph: a consolidated source of truth
- Actionable insights and benchmarks: knowledge to simplify decisions and actions
- Playbooks and automation: Policies defined by humans, then executed by automation
- Investigation and remediation: Led by humans, but with automation taking over the repetitive parts
Partners in risk and gain
Next, the Day 1 session was punctuated by a lively presentation from Renee Murphy, a principal analyst at research services firm Forrester. “Context is everything in risk management,” she said.
Drawing an analogy from “The Wizard of Oz,” she urged those overseeing endpoint security to consider their context, too. In that classic movie, the character of Dorothy may be the hero, but from the perspective of the Wicked Witches, she’s a killer. Similarly, Murphy said, when considering top security risks, managers need to ask how they appear in various contexts.
The morning’s session closed with a four-way discussion with Charles Ross, Tanium’s chief customer officer, and three of the company’s top CISO customers: Jim O’Connor of Cargill Inc., Daniel Conroy of Raytheon Technologies Corp., and David Damato of Aon plc.
All agreed on their need for greater security scalability. That’s certainly the case at Raytheon, which employs more than 100,000 people, half of whom now work remotely, Conroy said.
When asked for “pearls of wisdom,” Damato offered one from his unique perspective: He’s both worked for Tanium in the past and is now one of Tanium’s customers. Still new in his CISO role at Aon, he offered a few words of advice: “Understand your organization’s threat profile — what risks do you face, and from whom? And also understand your organization’s risk appetite. Ask your executives how much security they want.” In other words, don’t just act like a supplier — instead, be a partner.
You can watch this keynote and all the other content from Converge on demand. Get registered here to check out keynotes, breakouts, and more.