Tenable Blog

This is the first installment in a “Drifting Out Of Compliance” series where I take a closer look at organizational approaches to compliance, the resulting challenges that impact organizations’ ability to demonstrate point-in-time compliance, and the challenges of making the shift from a point-in-time compliance mentality to a continuous compliance one. A well thought out, risk based approach to establishing a comprehensive security program is the way to go, with compliance following as a natural result. A security first, compliance second mentality is ideal.

Recently, Bill Glanz of MeriTalk, the public-private partnered news website that focuses on government IT issues, interviewed Matt Alderman, Vice President of Strategy at Tenable, about several measures that government agencies should implement to improve cybersecurity.

At Tenable, we’re huge fans of USA’s cable series, Mr. Robot. The show follows Elliot Alderson, a talented, yet troubled, security engineer at Allsafe Cybersecurity who connects with people by “hacking” them. He becomes involved with a hacktivist group, fsociety, whose goal is to cancel all debts by taking down the largest company in the world, Evil Corp. In this blog, we will discuss several of the attacks demonstrated in the show, as well as how Tenable’s products can serve as a method to detect the attacks before or as soon as they happen.

The IT architectures of many organizations are changing as BYOD, cloud and social media continue to affect the way businesses exchange information. As the control over their data and applications decreases, organizations must adjust the way they approach security, which has become a business differentiator rather than a standalone IT activity.