SAN FRANCISCO – Zero trust was again a leading issue at the annual RSA Conference. But in contrast to years prior, the focus at this year’s event was on reconciling what the security framework should look like in a post-pandemic world.

“For zero trust we, for so long, have relied on the fact that we could just put up better doors, better locks, better windows, better everything to keep people out,” Tanium Chief Customer Officer Charles Ross told SDxCentral during an interview at the conference.

COVID-19 essentially took that whole perimeter and threw it away, Ross added. “All the years we spent building fortresses went away the minute that pandemic arrived.”

As companies look to eliminate risk in an increasingly precarious environment, they often set out to buy hundreds of best-of-breed point solutions.

This “one of everything” mindset, Ross noted, has helped raise the industry value to around $160 billion. “We have invested so much in thinking that we need to buy all these different tools to solve problems,” he said. But many companies end up losing track of their assets, which makes problems like ransomware difficult to solve.

There is power in knowing what's in your environment, Ross said. “Endpoint management is a space that has been neglected up until now.”

Converged Endpoint Management

In order to effectively implement zero trust, Ross said organizations need to understand their endpoints, users, and data. “You've got to have all three of those things well understood and you have to do that holistically.”

Many organizations are ill-equipped to deal with vulnerabilities for which a patch isn’t made available, as in the case of the Microsoft vulnerability announced late last month, according to Ross. “Most companies right now lack the basic controls of their endpoint to be able to make a simple policy setting on every single system, and do that in a matter of seconds,” he added.

Ross referred to a framework Tanium calls “converged endpoint management” as a means to better prepare for the growing attack surface. Ideally, converged endpoint management is the integration of IT operations, security, and risk teams from “a single pane of glass to provide a shared source of truth.”

“There's no one single answer, but everything happens on the endpoint, the network is no longer the place to be,” Ross said. “The power of the endpoint has never been greater than it is today.”

The ‘Perfect Storm’ for Hackers

Ross predicts the second half of 2022 will see a proliferation of attacks targeted at organizations that don't know where their assets are and, consequently, don't know where their data is located.

“You've created a perfect storm for an attacker to come right in and start attacking you in different kinds of ways,” he said.

A rise in the use of ransomware-as-a-service (RaaS) has contributed to what Tanium says is the largest attack surface in history. The availability of kits online has allowed even low-level hackers to access advanced tools, leveling the playing field for attackers and frustrating companies whose budgets are shrinking.

This, paired with the reality of a post-pandemic workforce, leaves companies more exposed than ever. “We sent all our users home and behind the firewalls, and now they're all living out in the real world and their systems live with them,” Ross said. “So I think we're gonna see a lot more ingenuity and a lot of companies that are just really struggling with the fundamentals right now.”

While Ross admitted there's not a silver bullet in security, he said he’s a “firm believer” that zero trust is the right approach to make it through the storm.

“What zero trust allows you to do is say, I don't care where you're at in the world, I don't care what you're doing. I'm going to make a decision based on you and your endpoint and what it's doing at this moment in time,” he said. “And if you can get all that right, then you can make these decisions about what you want.”