This year has been awash with IT stories of a similar hue: Remote workers targeted by escalating cyberattacks, virtual private networks (VPNs) overwhelmed with traffic, digital projects put on hold, Zoom meetings being hacked. These stories all speak to survival.
Now, almost a year into the pandemic, it’s time to talk about how we bounce back and proactively build for the future.
That’s what Day Two at Converge was all about. We heard from Tanium customers about how they’re leading from the front to drive operational and security improvements in their organizations. We were also joined by noted security researcher Keren Elazari, who explained what we can all do to build a digital immune system to keep attackers at bay. And we heard from Tanium partner Google Cloud about how it’s rethinking and expanding the concept of “zero trust” security.
The future of cybersecurity: a friendly hacker’s perspective
As we all now live most of our professional lives online, protecting this digital way of life has never been more challenging — or more critical — for security professionals. Corporate networks now have many more points of exposure while new automated tools are making cyberattacks easier than ever to carry out. So what happens next?
To help address that question, Elazari shared her vision of a more secure future. As the bad guys evolve, so must we, through “defense-in-depth” approaches, she explained.
Elazari emphasized we must empower our end users to make the best decisions possible — with a focus on IT hygiene. We should spend time learning from hackers and build this into our threat modeling and attack resilience testing. And we must future proof the organization for a new data-centric, distributed era.
Leading at the edge
How are organizations changing their approach to managing and securing endpoints at the edge, given the very definition of the edge has changed? How are they coping with the crisis? How good has alignment between IT operations and security been? What are the opportunities for transforming remote work? And what does the future hold?
For answers, Tanium’s vice president of customer experience, Amelia Forrest Kaye, spoke with two of our leading customers to get their perspectives.
Mitch Teichman, senior manager of client engineering, VITAS, explained that security initially took a back seat during the rapid shift to remote work. But very soon it became paramount to his organization. In fact, the pandemic gave VITAS an opportunity to focus on security initiatives at the endpoint that may not have been prioritized otherwise. It also helped the company accelerate various technology rollouts like virtual desktop infrastructure (VDI) and video conferencing deployments. And working from home even helped his IT staff be more productive, he added.
Teichman and his team are now implementing microsegmentation of the network, investing in global server load balancing, and identity and access management. It’s all about getting proactive to ensure the organization is prepared for whatever comes next, he explained.
Ian Goodhart, deputy chief information security officer, Maryland Department of Human Services, said that the focus for his organization has been on ensuring staff are compliant and not exposing themselves to cyber-threats. That means proactive scanning, testing and patching of endpoints.
In the future, Goodhart plans to implement data loss prevention (DLP), integrate AI into the security operations center, roll-out orchestration tools, and enhance reporting efficiencies to improve detection and response. Thanks to its forward-thinking strategy, the department has even capitalized on the pandemic to consolidate and get more out of its existing IT tools, cut costs, make smarter decisions, and be more secure.
Beyond zero trust
It all started with a nation state cyberattack on Google. In response, the search giant built out a new approach to security known as zero trust, based on the idea of “trust nothing, detect everything.” This was the foundation of Beyond Corp, Google’s vision for a world without VPNs, that is rapidly becoming a reality thanks to Tanium.
Google Cloud’s Potti, used his keynote to explain how the COVID-19 crisis is accelerating the shift to this new world. Once employees have experienced how seamless distributed work can be, few of them will want to go back to the old paradigm of VPNs, he argued.
Tanium is helping to usher in this new age of IT consumerization by offering capabilities to authenticate users’ devices as they log-in, to ensure these endpoints haven’t been hijacked due to poor IT hygiene.
As Potti said, there’s a real opportunity today to create an environment in which every employee can connect from anywhere with anything and, most importantly, with confidence. It’s what Google describes as “safer normal,” and it’s coming your way with a little help from Tanium.
Stay tuned tomorrow for our round up of the third and final day at Tanium Converge 2020.