Tanium, along with its partner World Wide Technology, received a potential five-year, $750 million contract from the Defense Innovation Unit Experimental (DIUx), the Defense Department’s Silicon Valley outfit, to provide managed cybersecurity services to Federal agencies.
Under the contract, Tanium will provide the Army Network Enterprise Technology Command with Tanium’s endpoint security management product for near real-time visibility and control over roughly 1.2 million network endpoints.
In an interview at the NASCIO 2017 annual conference with MeriTalk, Dan Parelskin and John Maxwell III, both Tanium regional vice presidents, discussed the cybersecurity and endpoint security management. While both Parelskin and Maxwell specialize in state and local governments, many of their insights apply to the Federal market.
Parelskin explained that frequently both public and private organizations don’t have a clear understanding of what they are trying to protect.
“How do you secure something you don’t fundamentally understand? You can’t,” said Parelskin. “You have to go back to the basics of IT operations and then create a security baseline.”
As for that baseline, Parelskin said it starts with organizations understanding exactly how many endpoints they have to secure.
“People don’t know how many computers they have,” Parelskin said. “We normally get very round numbers, not accurate numbers. It’s really hard to get the core understanding in large organizations.”
Organizations aren’t just missing a couple of endpoints, according to Tanium. Rather, a significant number are going unsecured. On average, Tanium finds 12 percent to 20 percent more unmanaged endpoints when working with its customers to establish a security baseline. In the Federal sector, it’s different. Tanium has found that Federal agencies typically have fewer endpoints than they believe exist, which can cause them to spend more on software licenses than they need to.
Once an organization has strong visibility into its network and devices, it can use that information to better shape IT and security policies.
“A very consistent theme we hear from C-level executives is that visibility is one of the most important things they need to operationalize their IT and security policies,” Maxwell said. “Tanium allows organizations to ask very simple questions about their network and get real-time information back.”
Both Parelskin and Maxwell agree that cybersecurity needs to be more than a bolt-on or an afterthought. Cybersecurity solutions need to be unified and work together to keep things secure. Maxwell argues that this is where Tanium offers significant value for its customers.
“You look at how organizations have gone around securing their infrastructure, and they’ve been put at a disservice based on how the market has evolved,” Maxwell said. “Organizations have always bought a product to solve an individual need or problem. Typically organizations have 20-30 vendors inside their network and are looking for something to stitch it all together and that’s not really viable. What Tanium does is deliver a unified platform.”
The DoD contract was disclosed by the DIUx in its latest quarterly summary of awards on Oct. 28. The contract was finalized on Sept. 25 and its base value is $35 million. While the contract can be renewed for five years, it operates on individual one-year commitments.
Tanium’s endpoint security management product will be combined with WWT’s managed services to support the size and complexity of the Army’s network, according to DIUx.