Older article with AON's CISO .... this fella prev

Quote:

---

Anthony Belfiore, chief security officer, Aon

As one of the largest insurance and reinsurance businesses, Aon is a big target for prospective hackers. Aon CSO Anthony Belfiore says he is most concerned about distributed denial-of-service (DDOS) attacks. In an attempt to integrate businesses more quickly, most enterprises have largely consolidated their computing systems. They tend to run corporate software, including VOIP, chat and email on one central system. This isn’t just an on-premises scenario as many companies are also centralizing their computing capabilities to cloud vendors. If a cloud vendor goes down ---as Amazon Web Services did last month -- the companies using it feel it immediately.

[ State of the CIO 2017 research report ]
"God forbid someone drop a cyber nuke or DDOS from malware -- they can take down a whole environment," Belfiore says. "If we're down it doesn't really matter how secure we are -- we have a problem."

Even so, security chiefs have to protect their data. Aon is a heavy consumer of Tanium, whose endpoint security software monitors IT operations and detects malware, among other threats. Belfiore says the software covers anything from kernel operations of a server processor to the application portfolio that is operating on it.

“Think of it as an agent, almost like a spy to every asset on environment to give you real-time status on any attribute related to operations and security,” says Belfiore who joined Tanium’s board of directors this year. “It's almost like a central management system on steroids for security and operations.”

This isn’t Belfiore’s first brush with Tanium, which Target implemented in the wake of its 2013 breach. Prior to joining Aon, Belfiore used Tanium to track software licenses at First Data and to wipe out shadow IT at JP Morgan Chase.

---