Imagine a scenario where the Internet, mobile services and Netflix were all disrupted on a regular basis.
How long could that go on before Americans would say to their government, “Leave Russia alone”?
“It doesn’t take a lot to disrupt or change your stance on foreign policy, especially in the case of Western nations that are heavily reliant on technology,” said Nadir Izrael, Co-Founder of enterprise security provider Armis.
Geopolitics are increasingly spilling over into the cyber security market, said Izrael, whose company in 2020 became the biggest cyber acquisition in Israeli history when U.S.-based Insight Ventures agreed to inject $1 billion.
“And when it comes to actual warfare, the next time we see a significant conflict, we will see cyber warfare at a scale we’ve never seen before, with very significant disruption, and things happening on a constant basis and all at once,” he predicted. “Add generative AI into all of this, and it’s going to put us in a place we’ve never seen before.”
Once, cyber warfare was a very silent affair, done under the radar for intelligence purposes. But in recent years, there has been a huge shift that started with Covid, and ramped up as the war in Ukraine continued. Mass ransomware attacks – which can be bought off the shelf – are giving nation-states immensely powerful tools.
“You have to put in just a little effort to create a lot of damage,” Izrael said. “The more countries become reliant on technology, the more they become vulnerable. I don’t like being doom and gloom. But we have not really seen anything yet. And the scale of attacks and amount of things that can happen at once will force organizations to understand that we’re all on the front line.”
Scale and simultaneity of attacks will also force organizations to recognize that they need to automate, because it will be impossible to do things manually, he added.
But while it’s probably going to get worse before it’s going to get better, things can be done to mitigate, he said.
“It’s not that we can’t do anything, but being aware is important in getting better at defense,” he said. “I’m a big advocate of doing the boring basics. Leverage the advantages you have as an organization. Organizations have the advantage of knowing their home court. They need to take advantage of their data and basic understanding of the environment to shore up defenses and prioritize the areas that need to be handled.
“Basics are hard, because organizations don’t have a good grasp of their landscape,” he added. “But when you do have that grasp, it’s easy to tease out the 5 or 10 things you need to do to significantly minimize the attack surface.”
Armis, whose valuation has tripled since the Insight acquisition, was born to solve what Izrael calls one of the holy grails of security and IT: knowing your asset inventory; contextualizing assets by mapping out things like ownership, security controls, vulnerabilities, threats and risks; and being able to action this information.
Izrael estimates that at least 95% of all assets are unmanaged, presenting security risks on various fronts.
“An organization has a huge attack surface that’s exposed outwardly,” he said. “If you can’t see it, you can’t protect it. You can’t raise all the security controls at your disposal to minimize the attack surface.”
Organizations also have trouble managing vulnerabilities because they don’t have a method to prioritize and manage the attack surface. By trimming it down, they could take action that could offer a lot of protection, he said.
And finally, without a good understanding of the environment, an organization has trouble discerning what is important and less important at a time when SOC alerts go off, compromising response time and efficacy, he added.
Organizations that don’t wrap security controls around the notion of assets “will be hard pressed to face the threats of today, and definitely the threats of tomorrow,” he said.
Armis’ platform absorbs all the telemetry tools that an organization has, maps everything, and houses that information in a central dashboard and console. It can also integrate with hundreds of other tools to reconcile what it knows with them. Suspicious devices are quarantined before they can connect with the network.
“A lot of our competitors do one aspect of what we do – asset management, OT security or vulnerability management. But we do it all. And every year we add additional features and solutions to the platform,” he said.
“In a world where folks are looking to consolidate and do more with less, that’s something that works very much in our favor,” he added. “Last year we added a vulnerability management tool. This year we are launching an out-of-the-box compliance tool, and an instant response tool for SOCs.”
As a cloud-based SaaS offering, Armis is monitoring more than 3 billion assets, including inventory from more than 40 Fortune 100 companies. Machine learning technology is constantly expanding the platform’s knowledge base.
“Armis technology learns from other attacks and applies that knowledge across the board,” Izrael said. “With 3 billion assets being monitored by Armis, It’s a unique collective shield. Real-time intelligence also sets us apart.”
The explosion in connectivity and the emergence of a perimeter-less world is fueling demand for Armis’ services, says the company, which was founded in 2015 and has continued to operate independently since the Insight investment.
Its platform has been adopted by organizations including 40 of the Fortune 100, organizations like Colgate-Palmolive, Mondelez International, Allegro Microsystems, and Takeda Pharmaceutical Co., in addition to national, state and regional entities across the world.
Takeda has more than 50 manufacturing plants across 35 countries, operating with outdated technology.
“We had zero visibility into the assets of these plants. We had zero security protection to many of the devices in these plants,” said the company’s CISO, Mike Towers.
“We tested three different partners. We found Armis to be the quickest time to value. … Thanks to Armis, we’ve already uncovered a series of potential cyber risks. Without the Armis deployment, we never would have known they existed. It has already paid for itself.”
By providing broad visibility to all network-connected assets, including third-party equipment, Armis is improving patient treatment decisions at Mater Misericordiae University Hospital in Dublin.
“Anything that interferes with the flow of information to inform those decisions, we would consider a risk,” said Dr. Michael Connolly, the chief information officer for the Ireland East Hospital Group of which Mater is a part.
With Armis, “visibility would be the main benefit, in that now we have evidence-based information to be able to deal with all of the devices on our network,” Connolly said. “It has enhanced our security defense shield, it is fulfilling a gap that we recognized needed to be filled.”