Dagobert Levy, Tanium: IT teams will have greater responsibility for prevention
October 2021 by Marc Jacob
For its new participation in the Assises de la Sécurité, Tanium will show how to manage and secure their entire IT infrastructure while maintaining high levels of cyber hygiene. Tanium will also present a new solution that will complete the portfolio of functionalities offered by its platform. Dagobert Levy, AVP Southern Europe at Tanium considers that given the evolution of technology and risk analysis tools, IT teams will have greater responsibility in terms of prevention.
Global Security Mag: What will you be presenting at the Assises de la Sécurité?
Dagobert Levy : Our presence at Assises 2021 is completely in line with the theme of this year’s event "Back to Basics". That’s why our teams at the show will be keen to show how Tanium is striving to enable its customers and partners to manage and secure their entire IT estate by maintaining high levels of cyber hygiene.
At this year’s show, Tanium will be showcasing a new solution that complements the portfolio of capabilities offered by its powerful platform, the expansion of its business strategy to the Enterprise and Mid-Market segments, and its new approach to addressing the issue of IT risk assessment and monitoring, which is now a priority for enterprises.
GS Mag: What are the main threats you have identified in 2021?
Dagobert Levy : More than threats, they are mainly points of attention that managers should keep in mind:
The importance of having real-time visibility of their entire IT assets
The respect of a cyber hygiene
Anticipate the exploitation of lateral movements by cybercriminals
The need to have a collaborative approach
The need to monitor the level of risk.
GS Mag: What about the needs of companies?
Dagobert Levy : We see a concern around digital sovereignty. In the wake of this, questions are being raised about the control of their environment/technological solutions, the control of their data and also the fact that they need to remain in control of their technological choices over the long term. The objective is to equip themselves with the solutions and technologies of their choice, which are efficient and which they are not locked into.
GS Mag: How will your strategy evolve to address these issues?
Dagobert Levy : In essence, the Tanium platform evolves to meet the changing needs of our customers. We therefore offer our customers a native solution that does not lock them into a technology they choose at any given time. Today more than ever, the technological solutions used must be interoperable and develop bridges between them in order to increase synergies. Technological complementarity is a prerequisite for our customers to be able to develop their IS as they see fit. So we’re going to continue in this direction, which is what we’ve always done.
GS Mag: With the pandemic, teleworking and its security have become essential today. How do you integrate these principles into your company and your offering?
Dagobert Levy : All endpoints, whether they are laptops, desktops, servers, or even machine tools, must be secured no matter whether they are in an office or being used remotely. This must be done with the same level of requirement and within the framework of security policies perfectly supervised by IT managers.
The generalization of work has certainly increased the number of distributed workstations and widened their locations, but this has not changed our approach to managing and securing endpoints. It has, however, made it more difficult for managers to identify all of their devices, regardless of their location. From the beginning, Tanium has been helping organizations identify and manage all of their endpoints, regardless of location, without saturating networks. We have implemented a certification program to increase the number of people with the skills to take full advantage of our platform. So companies of all sizes will be able to benefit from our offering.
GS Mag: What is your advice in this area, and more generally to limit risks?
Dagobert Levy : The first concern and our main focus is to ensure that the company has a complete inventory of all its endpoints in real time. The fight against shadow IT must be a priority because it conditions the success of security policy deployments within companies, whether public or private, from very small businesses to large corporations. However, it has been observed today that approximately 10% of endpoints (whether laptops, fixed computers or servers) are not managed by IT teams because they are not identified! It is therefore legitimate to ask why start a project to deploy a security solution if it cannot, de facto, be deployed on at least 10% of devices.
GS Mag: Finally, what message would you like to send to CISOs?
Dagobert Levy : I would tell them to prepare for the conversations they have with their board around cybersecurity to become more proactive. In recent times we have heard many people say that successful cyber attacks are inevitable and that the focus of security teams should be on reacting to these incidents rather than preventing them. However, we continue to see breaches that have stemmed from avoidable issues such as unpatched devices and staff falling victim to phishing emails. With this in mind and with technology and risk analysis tools becoming more advanced, IT teams will have a greater responsibility to prevent. CISOs should be prepared to provide the board with more regular cyber risk assessments and advise them on where money and resources should be spent before a problem occurs.