Intelligent CISO Issue 52 - Page 69

decrypting myths
Another area Tanium addresses is that many organisations don ’ t know where their important information is stored . Furthermore , Tanium shows you your vulnerabilities and how you can fix them to the point where they are no longer a weakness . Hence , you can make better decisions on where and how to protect your valuable information .
How can organisations select appropriate security tools to defend against ransomware ? we help gain visibility and identify problems with vulnerabilities and issues with different patches that aren ’ t up to date . Tanium can then enforce and push those updates , patches and policies up to the endpoints , thus being able to not only find the problem , but also solve the problem . This converged endpoint management is crucial as we also reduce the number of agents and overheads you need to support all those devices .
How does Tanium address ransomware at every different stage of the attack ?
At the different stages , Tanium provides visibility to make decisions and break the kill chain before the cyberattack . There are six steps in the cyberattack chain with opportunities in every single step
Zac Warren , Chief Security Advisor , EMEA at Tanium
to disrupt a bad actor . However , if you have no visibility of your environment , you ’ re flying blind . As an organisation , if you have vulnerabilities , bad patching , no Multi-Factor Authentication and no visibility , anyone can come in and walk out and you won ’ t be able to ascertain whether they ’ re still there .
My two recommendations again would be cyber hygiene and prevention . We need to ensure that our basics are taken care of first . If you ’ re looking at new toolsets , EDR , firewalls or security toolsets , first look inwards before purchasing anything new . Look at your existing tools , patches , patching cycles and processes . Evaluate how long it takes to rollout a new patch in the environment . Every time a new patch is rolled out , does it work 100 %? Look at these basics before you go out and look to buy anything new .
I worked with a CISO that had 72 security tools , but as we analysed them we realised that 50 % were being utilised and some were even overlapping in capabilities and not being fully utilised . By getting rid of half of the overlapping tools and using the tools in place to their full potential , the organisation is now in a much better place . Tanium simplifies what they have and gets rid of a bunch of agents on the endpoint to start looking at how the CISO can integrate more tools and eliminate the excess . Once this is done , it is all about visibility . Understand what your environment looks like , your inventory and the assets you have on your devices , such as the software and the applications running and then you can better protect your organisation . u www . intelligentciso . com
69