Freely subscribe to our NEWSLETTER

Global Security Mag: What will you be presenting at the 2024 InCyber Forum?

Bernard Montel : At 2024 InCyber Forum Tenable will be showcasing Tenable One, the first and only exposure management platform that provides holistic visibility across IT and OT environments spanning IT assets, cloud resources, containers, web apps, identity systems, OT and IoT assets. in addition to its Tenable One Exposure Management platform, Tenable will be presenting:

● Tenable Cloud Security — multi-cloud solution that simplifies cloud complexity and, through precise contextual analysis, enables teams to efficiently identify and address accurately prioritized security gaps.
● Tenable OT Security — an industrial security solution that identifies assets in the OT environment, communicates risk, prioritizes action and enables IT and OT security teams to work better together.
● Tenable Identity Exposure — a fast, agentless Active Directory (AD) and Entra ID security solution that allows organizations to see everything in their complex AD environment, predict what matters to reduce risk and eliminate attack paths before attackers exploit them.

Global Security Mag: What are the highlights of the solutions you will be presenting?

Bernard Montel : Tenable recently strengthened its cloud security offering with the acquisition of Ermetic in October 2023, enabling it to offer a cloud-native application protection platform (CNAPP) and extended cloud infrastructure access rights management (CIEM).

These capabilities have been integrated with the Tenable One exposure management platform and the Tenable Cloud Security solution to simplify risk identification and remediation in multi-cloud environments. Unlike siloed tools that ignore blind spots in the attack surface, it maps every cloud asset, identity and risk, to identify risky configurations that pose the greatest threat to the enterprise.

Ermetic also brings analytics power to ExposureAI, Tenable’s generative AI data platform, which provides contextual risk visibility to reduce cyber exposure and improve business productivity.

Global Security Mag: The theme of this year’s InCyber Forum is AI. What are the main cyberthreats it creates / generates?

Bernard Montel : Historically Artificial Intelligence (AI) was used primarily to analyze data. Machine learning, an application of AI, uses mathematical models of data to help a computer learn without direct instruction. Deep Learning, part of a broader family of machine learning methods, structures algorithms in layers to create an “artificial neural network” that can learn and make intelligent decisions on its own. Today, with Generative AI — a subset of AI, it is possible to learn about artifacts from data but take this further to generate innovative new creations that are similar to, but don’t repeat, the original.

While created as a tool for good, AI can just as easily be weaponized by malicious cyber attackers to accelerate their money making schemes or even create misinformation. There are a number of examples and methods by which generative AI can be leveraged maliciously. Generative AI, simply put, is a method by which a model builds relationships between words and when interacted with can predict what a response should be based on these relationships.

We’re already seeing bad people test the bounds of what’s possible, with AI used to create deep fake videos. Attackers are also harnessing the power of Generative AI to accelerate their capacity to "create" malicious emails, malware, and more. Now, instead of creating these malicious communications or software themselves, which is time consuming, they are using the speed and intelligence of Generative AI to write the malicious code and communications on their behalf. This means they can operate their illicit activity to launch attacks quickly.

When you look at code, from a generative AI perspective, it’s just words. Looking at how that code has been exploited in the past and using that to find new zero day vulnerabilities in other code sets becomes much easier. We have seen one example where a security researcher was able to get a bot running in the snapchat application to write in basic code that is similar to how ransomware locks a system down. We have also seen examples of phishing attacks becoming much more sophisticated and being able to easily evade the algorithms of anti-spam software.

Whilst AI can be used to automate more targeted and convincing attacks, the flaws these attacks target haven’t changed. That means the foundation to defending against any style of attack, be it AI or human powered, remains unchanged. What has changed is the rate at which the cat and mouse game is played. Attackers are going to be much more efficient in many aspects.

The good news is that generative AI can also be a supercharger for cyber defenders.

Global Security Mag: Did / Will you have AI technologies integrations into your solutions?

Bernard Montel : Last summer, Tenable launched Tenable has, for years, harnessed artificial intelligence (AI) and machine learning (ML) in multiple ways across its solutions. This includes enhancing models around asset criticality assessment, in prioritization techniques, and other methods we use to differentiate our offerings and add valuable insight for customers.

With the launch of Exposure AI last summer, we take this even further. ExposureAI, a set of generative AI capabilities and services, as well as Tenable Exposure Graph, a scalable data lake powered by Snowflake, which powers the ExposureAI engine. This unified data platform represents over a trillion exposures, IT assets and unique security detections (vulnerabilities, misconfigurations and identities) across IT, public cloud and IoT environments, and powers all of Tenable’s exposure management products.

ExposureAI enables security teams to ask questions via natural language search queries to analyze assets and exposures in their environment, understand relevant contextual information and prioritize remediation efforts. It provides targeted guidance that leverages Tenable’s exposure data to give security teams complete visibility and analysis of complex attack paths, specific assets and security detections. The repository also provides actionable insights and recommended actions based on the most significant exposures, enabling security teams to proactively address risks and reduce overall corporate exposure.

Global Security Mag: How should technologies evolve to counter these threats?

Bernard Montel : According to the results of a study commissioned by Tenable of 100 IT and cybersecurity managers based in France, 41% of cyberattacks penetrate corporate defenses. What’s more, 62% of those surveyed said their cybersecurity team was too busy resolving critical incidents to adopt a preventative approach that would reduce the company’s exposure.

Outside the cloud, IT, OT and IoT assets are becoming increasingly interconnected. Cyberattacks that start in IT systems and then develop in IoT environments have always existed, but are on the increase with the growing use of connected objects. This includes physical assets such as HVAC systems in data centers, badge readers in office buildings, and cameras on production lines. In addition to the software aspect, CISOs are increasingly tasked with responsibility for the hardware too and must take into account the company’s attack surface on both levels. With this in mind, Tenable recently integrated its Tenable OT solution into its unified Tenable One Exposure Management platform.

Global Security Mag: What message would you like to send to CISOs?

Bernard Montel : As per Tenable’s study, seven out of ten French organizations claim to use multi-cloud and/or hybrid cloud environments. However, two-thirds of respondents (66%) still cite cloud infrastructure as one of the main risk exposure factors within their organization. This underlines the need for visibility that is as comprehensive as possible and provides actionable insights, hence our initiatives to strengthen Tenable Cloud Security’s analytics capabilities.

With the growing sophistication of cyber threats, it’s vital that solutions enable companies to shift from a reaction-focused strategy to one that focuses on prevention. By adopting the attacker’s point of view and having real-time visibility of the organization’s assets, whatever their nature, cybersecurity teams can act quickly enough to strengthen defenses and prevent attacks from happening in the first place.