Increased complexity across federal government networks
The rise of mobile apps and IoT devices combined with the use of commercial clouds are just a few reasons for increased complexity across federal government networks. Ralph Kahn, VP of Federal at Tanium, sat down with Tom Temin from Federal News Network’s Federal Drive podcast to discuss how complexity is contributing to risk and what federal agencies can do to protect the growing number of endpoints.
As endpoints such as PCs, smartphones, containers and cloud infrastructure multiply, so does risk. In the podcast, Kahn explains how “risk management is a subset of management in general. If you want to manage something, you identify the scope and the metrics you will use to rate yourself.” From there, you must work to achieve the highest score possible against those metrics. The federal government has made progress identifying risks, but now needs to work proactively towards mitigating those risks.
Take patching for example. Research shows that it takes an average of 38 days to patch a vulnerability. Across both federal and commercial, patching takes far longer than it should, largely because the patch processes in use today are often the same processes that were defined around the limitations of the original tools which were fielded years ago. Leading organizations have realized massive reductions in risk by leveraging the Tanium platform and updating their processes, in some cases pushing critical patches in hours or days that would have otherwise taken weeks or even months.
“Agencies are used to thinking about patching in a particular way and their approach, process and tools have not kept pace with the speed at which they need,” said Kahn. To effectively manage risk, federal agencies need a single source of truth for endpoint–complete visibility and control into their network–and the ability to quickly make decisions and take action based on real-time, accurate data. When there’s a new critical vulnerability, agencies should be able to get a count of all the systems on their network running the vulnerable application. With Tanium, they can accomplish that in well under a minute.