01732 759725 19 magazine CYBERSECURITY could get from a vulnerability to business-critical assets has benefits in multiple areas. “The first use case is search, the second is explain and the third is remediation. In the past, the remediation plan was static. You have a set of vulnerabilities – A, B, C – you patch that one, then that one, then that one. Now, generative AI can help Tenable propose a remediation plan which is in context, dynamic and changing.” Montel says that while AI is helping customers to move faster, they won’t be able to rely on AI for everything. “Whatever progress AI is making, we still need human validation. The person in charge of cyber risk exposure management cannot delegate responsibility for that to AI. We have to keep AI where it is, which is as a Decision Assistant, albeit one that is smarter than it was before.” While the productivity benefits of generative AI might blind business users to certain security risks, Montel says that those responsible for cyber security in an organisation can’t afford to be so trusting, citing the example of software developers who use generative AI to cut development times from one month to a week. He warns that there have been instances when ChatGPT has asked developers to use a code library that doesn’t exist. Attackers learn of this, create that library and push it into public repositories. When developers get the code and see it is working, they think there is nothing to check, and leave it to work. “For developers the code is working fine, but that doesn’t mean it is secure for security practitioners who are trying to find the misconfigurations in libraries,” he explains. Identity risk AI aside, Montel says that Tenable’s greatest priority as customers move more and more to the cloud is to become cloud security specialists, especially in relation to identity security, the main vector through This, says Montel, enables business leaders to see if they are exposed to any threat and to evaluate the risk of that exposure to their business. “We have the ability to bring all those exposures together to answer one question at a very high level in an organisation: Am I exposed? What is the risk? What is the potential impact on businesscritical assets? Tenable One lets you see which part of your organisation is currently at risk and why. It could be a misconfiguration or a new vulnerability that our system has identified in those assets that increases the risk of exposure.” Montel adds that as well as aggregating data from its own solutions, Tenable is planning to open Tenable One to third parties, including those specialising in detection. “We do not claim to have 100% visibility. It could be that there is a system that is scanned by another company’s technology. We want to get that information back to us. If there is an agent deployed to an endpoint doing detection, we want to know as soon as it detects that a specific endpoint has been compromised. We get that information and then we try to find out why it was compromised so we can close that door. We are the security guards saying ‘Guys, your door is open, please close it'.” AI developments Another area of development is AI. The cybersecurity industry has been using AI for years in behaviour analysis and risk scoring, and it is now exploring use cases for generative AI. Tenable is no exception. Last August it announced Exposure AI, an AI assistant that can answer questions from non-technicians to help them understand vulnerabilities and risk more quickly. Montel says that generative AI’s ability to search a huge database of centralised data and explain to nontechnicians in plain English what the risks are and how an attacker which attackers gain access to data. “We cannot put an agent in a cloud service, so we have to reinvent ourselves. That's why we acquired Ermetic – to have a native cloud solution. And on top of that, the main use case is something called CIEM, which stands for cloud infrastructure entitlement management. To put that in English, entitlement is access. So identity is still the number one priority and identity in the cloud is the number one challenge we want to be able to help our customers with.” Montel adds that Tenable’s aim is to provide everything that customers might need in the domain of prevention, helping it to meet the needs of a wider cross-section of users and leaving strategic partners like Sophos and managed service providers to suggest solutions for detection and response. “We are already recognised as the leader in vulnerability management, the core domain, the one in which we’ve been active for more than 20 years. Now that we have expanded into OT, identity and cloud, and with our holistic exposure management approach, we now have the ability to give KPIs or KRIs, key risk indicators, for customers’ technology and their business transformation. Security practitioners want to know, am I exposed? The CEO wants to know, am I exposed to something which is business-critical? And the CISO wants to know how am I exposed? We now have the ability to answer all those questions.”
RkJQdWJsaXNoZXIy NDUxNDM=