I am excited to share the news that I have joined the Armis executive team to lead their growth development efforts, including partnerships and technology alliances. If you have not heard of Armis yet, you will! We are tackling the next wave of cyber security risk head-on. Let me explain.
Cyber security, as I’ve learnt over the past 2 decades, is a hard problem to solve and in many ways has become more fractured, more complex than ever before. But there is one trend I’ve been watching and I’m particularly concerned about and that’s the explosion of connected devices in our everyday lives. From patient monitors, infusion pumps and imaging systems in our hospitals, to PLC and HMI systems in critical infrastructure, to building automation systems, office devices and personal connected devices in the enterprise. The different types, shapes and volume of these devices is exponentially growing (25 billion by 2021 according to Gartner), far eclipsing standard Windows/Linux machines. The scary thing is the vast majority of CIO and CISO’s don’t know what’s on the network, and therefore can’t protect and understand the risk from all these connected devices that are all running different versions of operating systems, and in many cases can never run a security agent. Some people refer to this as the Enterprise IoT problem, I simply think of it as the unmanaged or shadow device problem. These connected devices are entering our work environments at an incredible rate, bringing with them a huge amount of risk due to new vulnerabilities. Attacks on these devices are up 300% in 2019 alone. Microsoft reported that Russia is targeting these devices. And Armis identified URGENT/11, a Remote Code Execution vulnerability potentially impacting hundreds of millions of devices running real-time operating systems like VxWorks, impacting medical, OT, and enterprise devices globally.
The reason I love Armis and the amazing team they have put together, is that they have taken a fresh approach to this problem. It’s practically impossible to create a run-time security agent for every permutation of these new connected devices. So Armis created a 100% agentless solution to firstly help organizations shine a light on what’s on the network and do so in a frictionless way – we all like an easy life. Combined with the fact Armis is leading the way with the largest device knowledgebase of any company, and has an astounding amount of device level threat intelligence and risk modeling, it helps bring to focus the unmanaged device risk posture.
Finally, and what I consider to be critical to security, is that Armis is building the solution to be “ecosystem first.” Once Armis has detected and fully understood the risk, the Platform utilizes engineered and automated integrations with the network or other security tools to complete the loop, such as updating Firewall policy, WLAN Controller or NAC access. I’ve always said security is a team sport and I’m thrilled to be joining a team that is perfectly aligned with this philosophy. Together we can beat the adversary and with the Armis Platform, we can solve the unprecedented risk that comes with unmanaged devices.
I welcome all security vendors to check out the Armis vision and join us in solving this problem together.