Traditional Perimeter Security Simply Isn’t Enough
Maher Jadallah, the Senior Director for the Middle East and North Africa at Tenable, says that companies need to invest in adaptive user and data risk profiles to disrupt attack paths
What are the cybersecurity challenges organisations face in 2021 and beyond?
The increasing threat and severity of cyberattacks have been well documented with governments, businesses, and even civilians all questioning how safe their personal information is. More recently this concern has intensified as we’ve seen threat actors target the very infrastructure that underpins our lives – from water purification plants, oil refineries, medical facilities, and transportation systems, nothing is off-limits. With defenses falling we need a new approach to cybersecurity practices.
When we think of traditional network security, the premise is to fortify the perimeter. The aim is to prevent threats outside of the network from getting in. The downside is that, once users – or bad actors – clear the perimeter, they are free to move about the network, taking whatever they find with them as they leave.
Traditional perimeter security simply isn’t enough to protect multiple environments against today’s cybercriminals. Instead, security needs to adopt a model in which nothing – no device, person, or action – is inherently trusted. In tandem, they need to invest in adaptive user and data risk profiles to disrupt attack paths by accounting for misconfigurations in Active Directory and the cloud and step up security based on changing conditions, behaviors, or locations.
Finally, they must take a hard look at the limits of traditional, perimeter-based security architectures, to consider more sophisticated options that continuously monitor and verify every attempt to request access to corporate data at all levels, whether that’s a device, app, user, or network attempting to make that connection.
How does Tenable help customers address their cyber risks?
Tenable is focused on enabling our customers to see every asset and vulnerability across their entire modern attack surface, predict the vulnerabilities that will be leveraged in an attack on the assets that matter to the business, and guide our customers on where they need to act to address risk.
Our solutions include:
- Tenable.io: Cloud-based vulnerability management platform provides a risk-based view of the entire attack surface – from IT to cloud to OT and containers – to quickly identify, investigate and prioritize vulnerabilities.
- Tenable.sc: On-premises Vulnerability Management with comprehensive compliance reporting, highly customized dashboards, and real-time asset and vulnerability discovery.
- Tenable.ad: Continuously and non-disruptively discovers new Active Directory attack pathways and detects ongoing attacks in real-time, recommending remediations without the need to deploy agents or leverage privileged accounts.
- Tenable.ot: Asset inventory, threat management, vulnerability management, and configuration control of OT assets that integrates with Tenable.sc and Tenable.io for full visibility across converged IT/OT environments.
What can a partner expect from Tenable’s channel strategy?
Tenable’s channel strategy is tailored for each country to address the market dynamics and provide the needed support for local partners. As a vendor, we look for and actively nurture relationships with partners that do more than just sell our products.
We want to see commitment as we know that is what our customers demand, and we’re prepared to offer the same. Our partners need to be as invested in the technology as we are, and from this basis, we will actively work to help and support them build services and value around our solutions.
This could include complementary technologies that ultimately address the challenge the customer is facing. Tenable is committed to the Middle East region and the strategy we have built has managed to successfully win major customers across all sectors.