Jean-Michel Tavernier, ARMIS: To close the doors to pirates, it is essential to list and know your assets
June 2022 by Marc Jacob
Founded in the United States 6 years ago, Armis was created to respond to the issues of threats to connected objects (IoT, IIOT, IoMT, ICS, etc.). Its solutions help provide unified visibility and intelligence of assets, to secure them across the entire attack surface. Indeed, the Armis platform, 100% SaaS, makes it possible to discover all the connected assets and to secure them. For Jean-Michel Tavernier, Sales Director France of ARMIS to close the doors to pirates it is essential to list and know your assets.
Global Security Mag: Can you introduce your company?
Jean-Michel Tavernier : Armis is an American company, founded 6 years ago. Based in Palo Alto (California), it is valued at 3.4 billion dollars. Armis employs over 600 people worldwide, with a presence in the European, American and Asian markets.
From the outset, Armis was designed to address the new threat landscape that has accompanied the advent of connected objects (IoT, IIOT, IoMT, ICS, etc.). In other words, Armis addresses a major challenge for businesses worldwide: the security "grey areas" created by the exponential growth of connected assets. Armis is the only cybersecurity company today to provide unified asset visibility and intelligence to secure assets across the entire attack surface. And as proof, several Fortune 1000 companies rely on the Armis approach to ensure real-time protection of all their digital assets
Global Security Mag: What is your assessment of the connected object market today in France and abroad?
Jean-Michel Tavernier : It is difficult to give an overview of the cybersecurity landscape, as it is so fluid. In view of the economic context and the tensions between states, the prospects of escalation of the cyberwar that is played out every day are all too real. At the same time, even though workspaces are welcoming new employees, many refuse to work five days in a row within the company. Technological innovation, meanwhile, does not seem to be waning with developments in connected devices. We are entering a new industrial era, which we cannot slow down or hold back because cyber attacks are also accelerating. It is much more a question of facing up to this state of the world and recognising that the protection of unmanaged and unprotected digital assets is urgent. In France, as abroad, the concern is not just about IT. Robots in industry, MRI machines in the health sector, point-of-sale terminals in retail, etc., are all networked and exposed to attack. According to some observers, by 2025 there will be 3 times as many non-IT assets - IoT, IoT, BYOD, 5G and cloud - as traditional IT. It will become almost impossible to keep up.
Global Security Mag: What about the deployment of these objects in companies and public organisations?
Jean-Michel Tavernier : The recent attacks on the Paris Hospitals and the GHT Cœur Grands show that the deployment of connected objects in companies and public organisations is real, but that the security of these devices was not perceived as an obligation. Today Armis is in a unique position in the healthcare sector to secure and protect the entire patient journey. We now support the world’s leading healthcare organisations. These range from public entities like the NHS in the UK to private entities like United and Cardinal Health in the US. We also work with the largest pharmaceutical and biopharmaceutical companies, such as McKesson and Takeda. We ensure the protection of all their critical assets. We ensure that patients can always be cared for without disruption, without the risk of compromising devices and systems.
GS Mag: What is your flagship product for 2022?
Jean-Michel Tavernier : Our flagship product is the Armis Platform, which enables our clients to discover all connected assets and secure their enterprise across the extended attack surface. With our database of over 2 billion devices, we are fully capable of discovering and cataloguing all your assets including IT, OT, ICS, IoMT, IIoT, cloud and cellular-IoT, managed or unmanaged.
This month, we released Armis Asset Vulnerability Management (AVM), a solution that strengthens our core product. AVM is the only solution for risk-based vulnerability management that enables organizations to prioritize mitigation efforts across the entire asset attack surface.Providing vulnerability scan associated with each asset, regardless of the type! We provide an accurate inventory of the equipment such as its owner or location.
GS Mag: How is this solution offered: On-Premise, in the public or private cloud, both?
Jean-Michel Tavernier : Armis is a 100% SaaS (Software as a Service) solution, agentless and native to the cloud. Subscription is via an annual subscription.
GS Mag: What are the main features of this solution?
Jean-Michel Tavernier : The interest of this solution is its automatic update, as it is SaaS mode. The collector only sends meta data to the cloud on a dedicated tenant.
GS Mag: What type of customer are you targeting?
Jean-Michel Tavernier : We target all sectors, as long as they have connected assets. We target both private and public sector organisations. Our clients include world-renowned companies such as Mondelez, Booking.com, DocuSign, Sysco, to name a few. Forty Fortune 100 organisations trust us. We also have important references in France: Apixit, Nomios, Orange, Aura-it and Manathan. We are rapidly developing our presence in France. We have recently recruited several people (Solution Engineers, Customer Success, Account Executives, and country leads). We are accelerating our presence across the country, improving our relationships with associations, deepening our ties with security professionals and our partners. Expect to meet Armis at all major French security conferences and host local events.
GS Mag: What are the types of projects that you see most often today within large accounts? What about SMEs?
Jean-Michel Tavernier : A large part of the projects is the discovery of all connected assets. Thanks to Armis, the client controls all its shadow IT (mainly in OT), all BYOD within its company, and all in real time. Then the requests are compliance reports, or the use of this or that software on the workstations.
GS Mag: Generally speaking, what approach do you recommend to companies in terms of IOT? What are the points to watch out for?
Jean-Michel Tavernier : Whether it’s in terms of IoT or IoT, IoMT, the first action is to discover all your connected assets. As I often say, you can only secure what you know. And whether it’s PLC, BMS, cameras, robots, medical or even PC/MAC workstations or servers, we must first discover them and then automatically catalogue them. Once catalogued, we can give the order to block them in case of an attack.
GS Mag: Finally, in what ways do you think IOT security will evolve?
Jean-Michel Tavernier : Unmanaged and BYOD devices are increasing exponentially. If nothing is done in terms of detection and security, the door is open to hackers. So the first thing to do is to discover and list them. Then we work on its behaviour to define the risks.
Sales Director: Jean-Michel Tavernier, Sales Director France d’ARMIS firstname.lastname@example.org