Perspectives from the Tanium Federal User Group: Managing Risk in an Increasingly Complex World

8.5.2020 | Egon Rinderer, GVP Technology & Federal CTO

A couple of weeks ago, we held our Federal Virtual User Group where we heard from Civilian and Department of Defense agencies on how they are leveraging the Tanium platform to adapt to a distributed workforce, modernize and consolidate tools and point solutions, and most importantly, manage risk.

We kicked off the event by expanding the definition of technology risk management. Often, when speaking to different leaders throughout an agency, many definitions of risk emerge. One IT leader may focus on risk in terms of vulnerabilities and risk assessment – but for a decision maker at the C-level, risk is a much broader concept that influences business decisions. There is a need to break down the idea of risk into smaller, more digestible buckets – IT operations, IT security, IT financial, IT supply chain, tooling and distributed workforce to name just a few – only having done that can we begin to pursue risk reduction in earnest.

Technology risk management in a distributed workforce

A common thread throughout the event was the newly distributed workforce and the need to consider how it is affecting risk. Risk management must evolve – tools that worked before may not work in the new distributed environment. IT leaders are managing a new set of challenges when it comes to maintaining a secure and productive workforce. With an 80-90% remote workforce now the norm across industry and many agencies, there is also a massive increase in exposure. Often, the legacy tools in place are not equipped to effectively scale with the increase in remote endpoints and cannot deliver the same speed and security to devices outside of the perimeter. Lastly, employees are only human – but restricting access or limiting resources doesn’t guarantee improved security or efficiency, but may in fact have unintended consequences that increase risk. It is essential to enable the use of BYOD safely to secure against human error and innate curiosity.

Tips for IT leaders

As IT leaders, it is critical to expand how we think about risk – don’t get pigeonholed into just IT security. Seek out colleagues and peers who can talk about financial and operational risk – ask them what they are solving for, who they are accountable to, what they need to know, and what data they’re leveraging to drive decisions in their organization. This open dialogue can facilitate better data-driven decisions.

Q&A from the federal user group

Given the many definitions of “risk” used across the industry today, how is Tanium’s approach to defining and remediating risk any better?

If a vendor is paring down or oversimplifying the definition of risk, they are doing you a disservice. Risk is a complex topic and must be looked at holistically. Tanium opens up the environment and looks at the overarching factors that make up risk, broadening the definition, and empowering users and decision makers to make security, operations, business and mission decisions in real time.

What areas of risk are at the intersection of high-impact and largely ignored?

First, the concept of a system of systems. Second, the context in which an endpoint operates. While we may have an idea that there is a higher risk when a system goes off-site, we need to have a specific metric to go along with that. If we don’t have the capacity to monitor the context and state in which a system is operating, we did not solve the problem. The problem is not finding the perfect tool – it is awareness, visibility, speed, scale and control.

What is the biggest mistake you’ve seen made regarding changes organizations have implemented to safely provide connectivity to the newly distributed workforce?

Waffling on the approach to connectivity. Organizations must make difficult decisions about how to provide remote connectivity to their workforce while also anticipating the unintended consequences of each. The human factor plays an even more significant role now than in the past and the wrong decisions can be catastrophic in terms of risks, incurred and realized.

What’s Tanium doing in order to address the uptick in non-domain joined and or non-traditional compute devices?

Tanium is already an industry leader in this regard, but there’s a lot of room for improvement and growth as well. As Tanium customers well know, Tanium has no dependency on Active Directory or domain membership in order to manage an endpoint. So long as a TCP connection is possible, Tanium thrives. The largest growth over the coming years will undoubtedly be non-traditional compute to include control systems, IoT, containers and cloud. Fortunately for Tanium customers, the abstraction of compute and the context in which computational work takes place is a core part of Tanium’s design principles. From Discover’s current ability to find, track, assess and report on any IP-connected device, to research and development into more direct control and integration of such endpoints, Tanium will continue to lead in these areas.

Interested in seeing Tanium in action? Schedule a one-to-one demo or talk to our Tanium experts at our upcoming events.