Cyber Criminals are using advanced tools these days to attack assets of organizations across the world which is a major concern for all of us. Cyberthreats have significantly increased and more sophisticated attacks have surfaced in recent times. It has compelled organizations to swiftly adopt next-gen technology solutions and strategies. Today organizations put all efforts to eliminate every small vulnerability in their IT infrastructure to keep their critical data secure. Tenable is one of the leading exposure management company and helps organizations to understand and reduce cyber risk. Rajeev Ranjan, Editor, Digital Terminal recently interacted with Kartik Shahani, Country Manager, Tenable India. The discussion revolved around the evolving threat landscape, and ways to safeguard the IT infrastructure. Read the complete conversation below.
Rajeev: With organisations taking a digital-first approach, the threat landscape has evolved very swiftly leaving organisations exposed to more attacks, so how do you look at the importance of cybersecurity in an organisation these days?
Kartik: Cybersecurity cannot merely be something organisations invest in to tick compliance checkboxes but a necessity to reduce business risk. Securing the modern attack surface requires a change in mindset — moving away from merely deploying software fixes towards a more nuanced approach that includes business risk management and analysis. This is because cyber risk exists on many frontiers and the tactical work of patching vulnerabilities does not mitigate threats that various exposures present. Securing the modern attack surface requires organisations to adopt exposure management as a strategy. This involves identifying where exposures exist in the entire environment, prioritising which exposures present the greatest risk to the business, and then building comprehensive remediation strategies.
Rajeev: Why is there a strong need to strengthen the cybersecurity infrastructure to prevent potential cyberattacks and protect confidential data?
Kartik: Organisations have been in reactive mode for far too long - performing firefighting exercises after attacks have taken place. Placing greater emphasis on proactive and preventative controls can create a stronger foundation for an organisation’s cybersecurity program, allows for greater risk mitigation, and makes reactive controls more effective in repelling attacks when needed.
Rajeev: Please brief about Tenable’s specialisation that makes it stand out of the crowd in this highly competitive sector? What services do you offer currently?
Kartik: Tenable is the only company offering a unified platform that tackles exposure management. While many security platforms offer solutions that tackle a specific aspect of security, most of them lack the context to understand where cyber exposures lie and which ones to prioritise and remediate first. With the Tenable One platform, organisations are able to effectively reduce their cyber exposure and thereby cyber risk. Organisations can now translate technical asset, vulnerability and threat data into clear business insights and actionable intelligence for security practitioners. This platform combines broad exposure spanning IT assets, cloud resources, containers, web apps and identity platforms with threat intelligence and data science from Tenable Research. This one-of-a-kind solution focuses on preventing attacks and accurately communicating cyber risk to support optimal business performance.
Rajeev: Do you think that exposure management is important to tackle modern attacks? How can exposure management benefit CISOs and security practitioners?
Kartik: Exposure management eliminates data silos by unifying a variety of data sources into a single exposure view to help organisations gain full visibility, prioritise efforts and better communicate exposure risks.
For CISOs, exposure management provides accurate risk assessments to improve investment decisions, make decisions about insurability, meet regulatory and compliance requirements and drive overall improvement to security programmes. Exposure management arms CISOs with actionable metrics to help them measure, compare and communicate cyber risk not only to security teams, but also to non-technical executives and operating teams throughout the organisation. It gives CISOs a unified view of cyber risk with clear KPIs, allowing them to measure progress over time and benchmark comparisons against industry peers and within the organisation. Ultimately, it helps them answer the most important question — “How secure are we?”
Rajeev: What are your plans for the next phase of growth in 2023? What will be your channel plans in 2023?
Kartik: Tenable has always been committed to a channel-driven business model. We believe partnerships between vendors and channel partners are extremely important to grow brand awareness and increase market footprint while also growing the customer base. And in 2023, through our partners, we want to focus on exposure management, to help organisations gain a holistic view of their attack surface and manage vulnerabilities, misconfigurations, identities, cloud, web apps, attack pathways and external attack surface management in a unified space.