As enterprises had to suddenly shift to remote working, it led to the expansion of the corporate attack surface and introduction of new threats. Diwakar Dayal, MD, Tenable India talks about the thoughtful procedures that has enabled the company to respond to emergencies and maintain high business standards
How do you assess the current scenario and the lessons learned? What’s your preparedness to handle such an unprecedented situation?
For organisations to successfully function during these difficult times, they need to ensure that cybersecurity measures are put in place. Many enterprises had to shift to a remote working model practically overnight, which expands the corporate attack surface and introduces new threats. To overcome this security challenge, we cannot stress enough for organisations to extend their security controls all the way to remote workers.
At Tenable, our customers are central to everything we do. Hence, we’ve developed thoughtful procedures that enable us to respond to emergencies and maintain high business standards. These steps ensure that we are adequately prepared to serve our customers without disruption during these trying times.
How are you safeguarding your customers’ assets/premises in order to ensure the continuity of their business operations?
Our customers have the option of installing lightweight, low-footprint agents locally on assets to supplement network-based scans. These agents can be used to collect vulnerability, compliance and system information and report this data back to their vulnerability management platform for further analysis.
Additionally, our flexible scanning capability allows assets, which are frequently offline, to be assessed when they eventually connect to the network. Customers can also use agents to scan online assets without the need for ongoing host credentials while minimising the network impact from large-scale concurrent scans.
With the sudden rise in cyber threats and attacks during this period, how are you ensuring your customers’ data is safe and helping them mitigate risks?
Apart from being available to our customers 24×7, our Tenable Research team is working around the clock to publish the latest research on cyberattacks, phishing attempts, and other opportunistic behaviours so that our customers can stay informed.
During this time of total lockdown, how are you ensuring 24×7 service and support to your customers?
In addition to organising webinars and conducting research on the latest threats, we have extended our Tenable.io licenses till June 15th this year at no additional cost for customers. Tenable.sc and Nessus Professional customers have also been offered a free Tenable.io license with unlimited agent scanning till June 15th. Additionally, our customers can interact with our principal engineers weekly via video conferencing sessions. These sessions are free and include tips and best practices to reduce their cyber exposure gap.
Soon we will witness business models changing, wherein there will be far more remote workers in any organisation. In such a scenario, what are the best cybersecurity practices that your customers should adopt?
Organisations looking to adopt remote working model for a longer-term should consider the following:
● Lock arms with IT to secure Software-as-a-Service (SaaS) applications via cloud access security brokers for configuration, security, and data loss prevention.
● Reduce access to IaaS providers by using jump boxes, which provide the ability to access and manage devices in a separate security zone, and reach the critical systems.
● Mitigate risk by adding IT systems management onto the laptops, to facilitate controlling software updates and patching.
● Use vulnerability detection agents to gain off-network visibility for connected devices at home as well.
What’s your message to customers so that they are assured of full support today and in the days to come?
We understand that managing risk during these difficult times can be daunting. The entire Tenable team is here to help and support our community of customers, partners and employees.
If you have an interesting article / experience / case study to share, please get in touch with us at firstname.lastname@example.org