a16z Podcast: The Fundamentals of Security and the Story of Tanium’s Growth

Ben Horowitz and Orion discuss the state of enterprise security, and how Tanium’s block and tackle — not cloak and dagger — approach has defined the company’s technology and also led to its tremendous growth.

The company thought they had 22 methods of getting in and all of them were locked down like Fort Knox. He found 15,000 ways of getting out.

DoS explanation

Imagine a post office.

It has an entrance, a counter with a clerk who deals with the customers and their packets. The clerk is a multi-tasking talent with a lot of arms to deal with packets on the counter.

The counter has a certain width, so a certain number of customers can be processed at the same time.

The clerk has a small address book with addresses where to send the packets. Some pages are blank; he can input new addresses.

Behind the counter and the clerk are a certain number of shelves, where the assistant of the clerk puts packets until they can be further processed and sent.

There are now several cases for a DDoS / DoS attack in this metaphor.

Why Hospitals Are the Perfect Targets for Ransomware

Hospitals are the perfect mark for this kind of extortion because they provide critical care and rely on up-to-date information from patient records. Without quick access to drug histories, surgery directives and other information, patient care can get delayed or halted, which makes hospitals more likely to pay a ransom rather than risk delays that could result in death and lawsuits.

“If you have patients, you are going to panic way quicker than if you are selling sheet metal,” says Stu Sjouwerman, CEO of the security firm KnowBe4. Hospitals are a good target for another reason as well: they “have not trained their employees on security awareness … and hospitals don’t focus on cybersecurity in general,” he says. Instead, their primary concern is HIPAA compliance, ensuring that employees meet the federal requirements for protecting patient privacy.

.. “You don’t have to lock an entire network,” Sjouwerman says. “You just need to find where are the critical files in a network—what servers are serving up the millions of files that most workers use…. And you only need to lock maybe two or three file servers to essentially block the whole network.”

.. “All-employee access groups are the exact type of data under attack by Ransomware,” says Adam Laub, a senior vice president at STEALTHbits. “It’s like getting a key to your hotel room and discovering that it actually gives you access to many other rooms as well. All a would-be intruder needs to do is try it in each door…. If access rights to file shares were better controlled via groups with only the proper users, the ability for ransomware to rapidly spread far and wide would be drastically reduced.”