It's time to wipe the security slate clean and start over - SiliconANGLE

It's time to wipe the security slate clean and start over

Thousands of internet posts, including quite a few from theCUBE, have highlighted the increased security risk created by an expanding attack surface area. In the fight to protect sensitive data, companies have gathered security tools boxes filled with solutions and established set-in-stone routines to reduce potential exposure.

Six months ago, deviating from that norm and returning to a zero-point for security solutions would have been unthinkable. Now, rethinking security from scratch is not only recommended but essential to address the ever more complex endpoint security challenge.

“Rather than trying to do a Whac-A-Mole of the surface area, what if you could take a foundational approach that actually breaks that relationship between expanded surface area [and] expanded exposure?” asked Sunil Potti (pictured, right), general manager and vice president of cloud security at Google Cloud.

Potti and Orion Hindawi (left), co-founder and chief executive officer of Tanium Inc., spoke with John Furrier, host of theCUBE, SiliconANGLE Media’s livestreaming studio, during the Google Cloud Next OnAir event. They discussed the recent announcement that Tanium and Google Cloud’s Chronicle have joined forces to create a full-stack offering for endpoint detection and response.

COVID changes the security model

Ninety percent of organizations have experienced an increase in cyberattacks since the start of the COVID-19 pandemic, according to a study conducted by Tanium. Yet, even more — 93% — admit to delaying security projects in the scramble to adapt to remote work. Now, the world understands that work may never return to normal. Instead, workers are adopting a hybrid part in-office, part at-home routine, and companies are realizing that it’s time for a security makeover.

“When we look at our customers, they’re realizing they have to re-platform their security model,” Hindawi stated. “They’d been building on a pretty creaky foundation and just adding more and more layers to it.”

Acerbating the problem, many of those existing security tools no longer work. Prior to COVID, 60 or 70% of security budgets were spent on network, according to Hindawi. But “… when everybody’s working from home, you don’t own the network,” he said. “Even the endpoint tools that assumed that devices would be behind that network perimeter now just don’t work over the internet.”

The benefit of this is that customers are realizing they have an opportunity to wipe the security slate clean and start over. “What a lot of people start realizing is they’ve been maintaining the status quo for reasons that actually have nothing to do with efficacy. They have to do with comfort,” Hindawi said. “People can’t resist change anymore. Change has come. And as a result of that, they get to choose what they would like now.”

Treat every worker as remote

The current Whac-A-Mole solution attempts to monitor the entire attack surface and knock down threats as they appear. Instead, Potti recommends an “opinionated” stack solution that provides blanket security regardless of user, device or location.

“It doesn’t matter who you are, where you’re accessing it from, what device you’re using, or what network you’re using at which location. The safety posture is still very strong,” he said.

Following this model, the Google-Tanium partnership aims to “fundamentally change the security posture of the endpoint once and for all,” acccording to Potti.

“Ultimately, [workers] have this virtualized security ring that protects and always constantly authorizes, authenticates and provides security operations capabilities,” he said. “The world needs a virtual Chromebook to really feel safe at an endpoint level. And this is the first instantiation of that core stack that can at least get enterprise to start on that journey.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s independent coverage of the Google Cloud Next OnAir event:

Photo: SiliconANGLE