Assess, Manage, Measure: Tenable’s Approach to CybersecurityBy Andrea Villar | Tue, 11/03/2020 - 06:00
Q: How do Tenable’s services differ from those of other companies with a similar value proposition?
A: Relying on traditional or limited security tools remains a challenge for Mexican companies. In recent years, cybersecurity concerns have increased as companies shift to remote work and take advantage of innovative technologies, such as cloud, mobile devices, IoT and containers, that help automate processes and increase efficiency. Unfortunately, traditional security tools are not adequate in these newly dynamic environments. Companies require a unified, risk-based view of their environments to identify and address the vulnerabilities that today pose the greatest risk to their business.
That said, the Tenable Cyber Exposure Management platform is the industry's first solution for holistically assessing, managing and measuring cyber-risk across the entire attack surface. The platform uniquely provides the breadth of cyber-risk visibility across IT, cloud and operational technology (OT) environments and the depth of analysis to measure and communicate cyber-risk so that businesses can make better strategic decisions.
Q: What are the most common cyberattacks in Mexico and how can businesses protect themselves?
A: In April, Tenable, along with Forrester Consulting, conducted a study on cyberattacks affecting businesses in which security executives from global companies participated, including 104 leaders from Mexico. Worldwide, 36 percent of companies were asked for a ransom payment and 41 percent dealt with COVID-19-related malware or phishing attacks. In Mexico, 95 percent of companies faced cyberattacks or commercial impact commitments during the past year. The main business impacts in the country included a loss of productivity among 47 percent of respondents, identity theft in 29 percent and compromised confidential data among 29 percent.
Businesses can better protect themselves with a strategic mix of people, processes and technology. Security leaders should establish regular communication with business colleagues to identify the company’s most business-critical assets. Then, they can aligned to a strategic process for communicating risk, with regular reports on the company's safety posture and risk level. Technology is key to this, as automated tools can help security teams identify vulnerabilities based on the risk posed by the people in the business and thus prioritize high-risk vulnerabilities.
Q: What benefits will the integration between Tenable.ot 3.7 and Nessus Professional provide to your clients?
A: With the rise of Industry 4.0 and IIoT, the attack surface has expanded, converging the worlds of IT and OT while introducing new attack vectors that have allowed cyberthreats to grow at alarming rates. OT was previously physically separated from IT but the environments have converged due to internet-accessible OT that allows staff to receive real-time insights into critical sensors and operational status for industrial environments. Unfortunately, this means today’s cybercriminals can access OT by traversing through IT and vice versa. According to the study we commissioned a few months ago, 67 percent of business and security executives who experienced cyberattacks in 2019 said that some attacks involved work order (WO) systems.
Security equipment requires a holistic security solution that can accurately identify, assess and protect the specific threats from information technology and telecommunications technology in a company's operational environment. The goal of integrating Tenable.ot 3.7 with NessusProfessional is to help organizations secure both types of devices in these interconnected environments. For the first time, customers can use Tenable.ot, a comprehensive solution for unparalleled visibility and control to reduce their cyber-risk in modern, converged environments. Tenable.ot 3.7 enables businesses to create cost savings from the interconnection of their IT and WO environments without introducing unnecessary risk.
Q: One of Tenable’s solutions is risk-based vulnerability management. What does this entail?
A: Tenable enables security teams to take a proactive, risk-based approach to vulnerability management, which fills the gaps left by legacy vulnerability management approaches. Legacy vulnerability management is compliance-driven and IT-focused. It measures success based on the number of vulnerabilities remediated, regardless of whether or not they pose any degree of risk to the organization. With legacy vulnerability management, organizations suffer from “vulnerability overload” and cannot scale to secure all important business systems.
Risk-based vulnerability management is about understanding the full context of each vulnerability, including the criticality of the assets and an assessment of current and likely future attacker activity. Rather than a static view, risk-based vulnerability management delivers dynamic, continuous visibility of vulnerability, threat and asset criticality data. It enables security leaders to understand vulnerabilities in the context of business risk and to use that data to prioritize their team’s efforts. By taking a risk-based approach to vulnerability management, security teams can focus on the vulnerabilities and assets that matter most, so they can address the organization’s true business risk instead of wasting their valuable time on vulnerabilities that have a low likelihood of being exploited.
Q: A fast-growing issue in Mexico is the use of social engineering to get into the company’s systems. What do you think is the most effective approach to this problem?
A: Combating social engineering attacks also involves addressing people, processes and technologies. In these cases, it is best to educate employees on the common forms of manipulation used in social engineering attacks to help them stay alert. From a process and technology standpoint, many companies uphold a zero-trust policy, where multifactor authentication and verification is required as no one is trusted whether inside or outside the network, by default.
Q: How does your cloud security solution help businesses to prevent cyberattacks?
A: The current work-from-home scheme has vastly accelerated cloud adoption, introducing new security challenges as remote workers and new assets come online. That said, the cloud requires purpose-built sensors that leverage native technology to perform instant, continuous and efficient assessment to deliver holistic visibility.
Tenable just unveiled Frictionless Assessment, a new capability coming to Tenable.io, for vulnerability management in the cloud. This tool is a revolutionary approach to vulnerability management that leverages native technologies deployed as part of cloud assets to continuously assess instances for vulnerabilities. Customers will be able to evaluate cloud assets without interruption, quickly detecting new vulnerabilities as their environment changes without ever having to schedule a scan or deploy an agent. This capability will launch first on Amazon Web Services (AWS), using AWS Systems Manager Run Command, to allow users to remotely and securely manage the configuration of their cloud instances without interruption.
Q: How does the company use artificial intelligence in its solutions?
A: Tenable’s predictive technologies are powered by Exposure.ai, which continuously analyzes 20 trillion aspects of threat, vulnerability and asset information with machine learning algorithms to predict critical exposure points before they can be used in an attack. This technology helps power Tenable’s predictive technologies such as remediation maturity, which helps security teams measure their speed and efficiency in remediating vulnerabilities and compares them against external peers. Also, the vulnerability priority rating (VPR) automatically indicates the remediation priority for vulnerabilities. VPR is a dynamic value and changes with the threat landscape and dramatically reduces the number of critical and high vulnerabilities that need to be addressed first, allowing organizations to focus on the vulnerabilities that pose the greatest business risk.
Likewise, our predictive scoring delivers more accurate and comprehensive insight into an organization's overall cyber exposure. Predictive Scoring infers the Exposure Scores of groups of assets before they have been assessed in detail. This capability leverages the data lake of similar assets and the criticality of vulnerabilities found in these devices.
Q: One of the industries in which Tenable specializes is retail. What are the main cybersecurity challenges this sector encounters and how do you help companies address them?
A: Now, more than ever, the retail sector is embracing e-commerce due to the pandemic. E-commerce is often built on web applications, which can be riddled with vulnerabilities that can expose customer data if exploited by an attacker. One common attack vector is using SQL code injection to gather personal data that consumers put in a form on the e-commerce website to make purchases. Our web application scanning is a purpose-built solution to secure commonly used web applications. It provides security teams with context and guidance against high-risk web application vulnerabilities. It recognizes weaknesses and vulnerabilities in custom code and third-party components used to build the web applications and flags any misconfigurations that can increase exposure.
Q: Why should companies take cybersecurity seriously?
A: Cybersecurity is now a C-level and board-level concern. Increasingly, organizations are facing cyberattacks that hinder critical business processes. Currently, 74 percent of business and security leaders in Mexico expect an increase in business-impacting cyberattacks over the next two years. To reduce risk, organizations are beginning to evolve their strategies away from a check-the-box approach to embrace risk-based, business-aligned cybersecurity initiatives. This includes ensuring better alignment of people, processes and technologies for a strong security posture across the organization.
Cyberthreats are only expected to grow over the next few years. The attack surface is continuously expanding as new innovations hit the market and companies continue to embrace digital transformation. Deprioritizing cybersecurity can have direct business implications that can eventually lead to damaging effects, such as loss of revenue and customer base. At Tenable, as we continue to cement our position as the leader in cyber exposure, we encourage partners to join our journey to add more value to customers. We have made consistent investments in our partner network to enable them and support their go-to-market activities with Tenable. Our team is fully committed to working together with partners as a core part of our channel strategy.
Tenable helps companies understand and reduce their cybersecurity risk. It has over 30,000 clients around the world. The company is the creator of the world’s first platform to secure any digital asset on any computing platform