Veronica Martin spoke to Maher Jadallah, Senior Director MENA at Tenable, about its commitment to AI-driven security solutions that protect against emerging cyber threats, highlighting the importance of proactive risk management in an increasingly interconnected world.
How is Tenable leveraging AI-powered exposure management solutions across IT infrastructure, cloud, and OT at GITEX 2024?
We’re excited to participate in GITEX once again, with our primary goal being to connect with partners and customers while showcasing our latest solutions. Historically, we’ve been known for our best-in-class vulnerability management technology, but over the past few years, we’ve seen a shift in customer needs. Many organisations are looking to simplify the complexity of managing multiple security products. In response, we introduced Tenable One, a unified platform that combines our leading vulnerability management capabilities with Tenable OT, offering comprehensive protection.
With our OT solution, we focus on identifying misconfigurations and vulnerabilities that affect critical OT infrastructure. In recent years, we’ve seen a sharp rise in cyberattacks targeting mission-critical industries, with attackers aiming to cripple entire sectors or countries through cyber rather than physical means. These attacks on OT systems are part of a growing trend, used to cause severe reputational and financial damage.
Tenable addresses this by securing both OT and IT environments. Since IT and OT systems are now interconnected—allowing IT teams to access OT equipment and vice versa—this has created new attack vectors. That’s where Tenable stands out. We understand the complexity of these integrated environments and offer a solution that tackles vulnerabilities from both IT and OT perspectives, ensuring robust protection for today’s converging infrastructures.
How has your partnership with Forrester on AI Aware influenced your approach to cyber risk management?
If you look around today, even our kids are using AI applications to write essays, and businesses are increasingly leveraging AI to detect misconfigurations, identify vulnerabilities, and manage specific tasks within their networks. However, not all AI applications are safe or approved for use in security environments. AI can be a double-edged sword—on one side, it can be highly beneficial, but on the other, it can expose vulnerabilities within your network.
That’s where Tenable comes in. We offer an AI-aware solution designed to assess the safety and legitimacy of AI-based applications. Our solution monitors these applications to determine if they are secure for use. If we detect any risks, we immediately alert the IT or security teams, enabling them to take swift action—whether that means keeping the application, removing it, or escalating it for further investigation. This proactive approach ensures that AI enhances your security posture, rather than becoming a potential risk.
What are the key findings of Tenable’s 2024 Cloud Risk Report, and how do they impact cloud security strategies?
Today, many companies are shifting to the cloud, and it’s easy to see why. The cloud allows organisations to move away from managing local equipment and offers the convenience of access from anywhere. In fact, it’s common for businesses to utilise multiple cloud providers, such as Microsoft Azure, Google Cloud, and Amazon Web Services, distributing their data across these platforms.
However, this multi-cloud strategy introduces significant risks. The potential for cyber exposure increases as organisations may misconfigure settings or lose control over their assets spread across different clouds.
That’s where our Cloud-Native Application Protection Platform (CAPP) comes in. CAPP identifies misconfigurations and excessive privileges granted to users or machines that could be exploited to compromise networks or disrupt cloud-based assets. By discovering and securing modern assets—both on local networks and in the cloud—we help enterprises maintain control and protect their valuable data.
How does TenableOne provide a unified view of cyber risk across diverse assets in IT, OT, and IoT environments?
Organisations have begun to recognise the challenges of managing multiple siloed systems. Each piece of equipment comes with its own configurations, reporting, and management requirements, making it increasingly burdensome for decision-makers to consolidate the necessary information for effective decision-making.
In response to this need, Tenable has developed Tenable One, an integrated platform that consolidates all of our solutions into a single, cohesive interface. This allows customers to monitor their IT assets, vulnerabilities, and misconfigurations alongside operational technology (OT) and web applications. With Tenable One, businesses gain a comprehensive view of their cyber exposure, enabling them to make informed decisions with ease.
What will be the focus of your live demos on TenableOne, Cloud Security, OT Security, and Vulnerability Management at GITEX?
We’re excited to be participating alongside two of our top partners in the region, with our dedicated team present at the event. Whenever customers visit our booth, we will demonstrate the capabilities of the Tenable One platform. Our goal is to showcase how seamlessly the interface integrates our three key products, highlighting how they work together to prioritise vulnerabilities.
We’ll guide customers through the process of identifying where to start and how to tackle their security challenges effectively. Ultimately, we are showcasing the full breadth of our technology and its potential to enhance their cybersecurity posture.
How does Tenable address the security challenges of managing multiple clouds and identities in converged IT, OT, and IoT systems?
We recognise that many organisations operate across multiple cloud environments, and our aim is to help customers identify their vulnerabilities across these platforms. The growth of the three leading cloud providers has been remarkable. However, we also understand that some sensitive accounts remain hesitant to move to the cloud.
To address this, we offer a solution called Securing the Enclaves. This approach enables us to implement localised, in-country cloud solutions specifically designed for those sensitive accounts that prefer not to use public cloud services. With our private cloud options, these organisations can benefit from enhanced security while still leveraging our advanced capabilities.
Image Credit: Tenable
