As the U.K. government lays out its plans to keep domestic businesses safe from cyber attacks, one company looking to take advantage is Tanium, one of the leaders in the new breed of cybersecurity companies.
Instead of firewalls and pre-packaged security software, Tanium takes a network-first approach, mapping an organisation's network endpoints (any internet enabled piece of hardware on a company network) and then monitoring for breaches at device level.
The rise of these new security firms has been branded the cyber security bubble, as funding piled in during 2015. Tanium seems to have weathered the investor slowdown and is positioned well enough to start planning a 2017 IPO. Similar American firms include Tenable and Cloudflare, as organisations have more and more touchpoints to protect than just their on-premise systems.
Tanium has some serious Silicon Valley heft behind it, with more than $300 million (£238 million) in venture funding, including serious investments from VC heavyweights Andreessen Horowitz, with Ben Horowitz sitting on the Tanium board. It's the speed of response the Tanium system gives security teams which apparently convinced Andreessen Horowitz to make their biggest ever bet on Tanium.
The startup was valued at $3.5 billion back in September 2015 and has expanded globally since, with offices in Tokyo, Sydney, and a U.K. office in Reading.
U.K. startup Darktrace makes similar promises and has raised Valley-esque funding so far with more than $100 million (£79 million). Scott Rubin, CMO at Tanium and former PR man for Andreessen Horowitz, says he had never heard of the rival firm.
When told what they do, Rubin said the company sounded like an American rival called Illumio and that they take a different approach. "The kind of visibility we give you, there is some element of detection but we are more about managing and securing those end points rather than flashing up warnings. That's what Illumio does."
The father and son team David and Orion Hindawi founded Tanium in 2007, and brought it out of 'stealth mode' after they sold their first business, BigFix, to IBM in 2010. At BigFix the learned a way to manage ever larger and more complex networks seen within the enterprise, so with Tanium they focused this knowledge on securing networks of connected devices.
Rubin explained to Computerworld UK: "What they invented was a peer to peer model that is the core of the platform, instead of the old server asks a question and wait for it to come back, which could take weeks." With Tanium IT teams can ask questions in natural language, such as "how many devices are on my network", and gives a response in seconds.
How does it work?
How does it do this? Once the Tanium 'agent' is installed in your data centre, the endpoints form a linear chain and periodically ping status updates back to the server agent, instead of the cumbersome hub and spoke model IT teams would have previously been encumbered with. The speed is achieved by the server querying a small set of endpoints along these linear chains and collecting aggregate results.
The company then builds point tools on top of this architecture to help IT teams discover what exactly is sitting on their network, detection tools for compromises and tools to help organisations remain compliant. On the classic software-as-a-service business model, customers can pick and choose which point solutions they want to pay for once they have installed the core agent.
The U.K. market
Rubin won't be drawn into naming Tanium's U.K .customers, but he says the list includes financial services and manufacturing firms and that the region is its second most important market after the U.S. In the U.S. it works with big enterprises like Visa, Amazon, and Target, which called Tanium pretty soon after its devastating 2013 data breach.
Rubin has been impressed by recent UK government moves to bring cyber security to the forefront within the business community. "Here with the national Cyber Security Centre and the strategy, government is really leading and trying to guide industry - in the US that is the opposite," he says.
"The struggle with the US is they don't want to listen to what industry is doing. In the US it is about the spending millions on bespoke solutions that solve problems that don't exist anymore."
Rubin recognises that Tanium doesn't have the same brand presence here as in the USA, but believes the UK's more pragmatic approach to cyber security makes conversations with potential clients easier. "The conversation here seems less fear-based and more forward looking," he said.
Until cyber security is a board-level priority it will continue to hit companies like Tesco Bank and TalkTalk hard, Rubin believes. He wants to see fluency in "cyber literacy as essential as financial literacy being a requirement to sit on the board".
"Until the executive start to see it as their responsibility and not just the IT people then we continue to have these problems," he says. "I don't know how many breaches it takes for businesses to see this as a general threat to their existence."