//////////////////////////////////////////////////////////////////// t TECH
cht TALK
lk
As long as it continues to be easy for
cybercriminals to break in and monetise the
attack, it’s just going to increase.
Combatting the cybersecurity issue
and reaching a final solution
We can combat the cybersecurity issue
today. The biggest threat in IT security isn’t
ATP, it’s apathy. People aren’t taking the
right steps to solve this issue. Take WannaCry
as an example, it was a massive vulnerability
threat and Microsoft warned people before
it took effect. A month later, WannaCry hit
and people were surprised. Systems weren’t
patched properly and the vulnerability
targeted these systems. We know the
answer, we’re just not doing it.
Educating the end-user on potential
threats to allow them to contribute
to solving the issue
We must question whose fault it is if, for
example, an end-user clicked on a phishing
email. I think end-user education is really
important but you’re not going to be able
www.intelligentcio.com
to identify a really clever phishing email.
I’ve been in this industry for 20 years and
sometimes even I’m not sure. What needs
to happen in the industry is that everyone
accepts these foundational controls and
takes cybersecurity seriously, otherwise it’s
just going to continue. We should be making
it difficult for cybercriminals to monetise and
until we do, they’ll just keep breeding.
Top tips for securing an enterprise
My top three tips are the same ones I’ve
been giving for 15 years: patch your systems;
have good passwords; and reduce your attack
surface. These are the cyber essentials.
Tenable’s customer satisfaction
We’re focused on solving one problem;
vulnerability. Most vendors in this industry
try and go inch-deep, mile-wide. We are
100% focused on fixing the vulnerability
issue and we invest all of our resources into
doing so. This problem has been around
since IT began and has not yet been solved.
We have the answer and we are executing
on that and our customers love that
they’re with us on this journey. Tenable is
laser-focused on execution; on solving the
vulnerability problem.
Tenable’s future in the next year
Tenable is really focused on quantifying
organisations’ risk and really making that
easy. If you don’t know what your risk
exposure is, it’s really hard to address it.
We’re also focused on measuring – how
well are you doing things because you
can’t improve what you can’t measure.
In the coming months, we’re going to
enable all our customers to benchmark
themselves. That benchmarking enables
you to make decisions.
Advice to up and coming CISOs
It’s really easy nowadays to fall for
the marketing jargon that surrounds
cybersecurity. Don’t buy into the hype;
focus on the foundation. Measure your
effectiveness and make sure you’re
implementing those controls effectively. n
INTELLIGENTCIO
79