Cybersecurity Best Practices – A Conversation with Doug Shepherd at Tanium Converge – Futurum Tech Webcast

Cybersecurity Best Practices - A Conversation with Doug Shepherd at Tanium Converge

On this episode of the Futurum Tech Webcast, host Shira Rubinoff is joined by JLL‘s Doug Shepherd, Senior Director, Offensive Security, for a conversation on the key insights and takeaways from Tanium’s Converge Conference.

Their discussion covers:

  • The evolving landscape of cybersecurity challenges faced by organizations today
  • Strategic insights into offensive security measures
  • Best practices for organizations to enhance their cybersecurity posture
  • The role of collaboration and knowledge sharing in advancing cybersecurity defenses
  • Future trends and predictions in cybersecurity

Learn more at JLL.

Watch the video below, and be sure to subscribe to our YouTube channel, so you never miss an episode.

Or listen to the audio here:

Or grab the audio on your streaming platform of choice here:

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.


Shira Rubinoff: Hi, this is Shira Rubinoff, president of Cybersphere, a Futurum Group. I’m here with Doug Shepherd, at Tanium’s Inverge Conference and the first stop of the world tour. Doug, it’s such a pleasure to be with you here today. Please introduce yourself to our audience?

Doug Shepherd: Pleasures mine. Yeah, so I’m Doug Shep Shepherd. Most people call me Shep. And I run offensive security and insider threat at JLL. I’m a senior director there. JLL is a very large commercial real estate company, and we have a lot of endpoints, and we are in about 80 countries.

Shira Rubinoff: Let’s get right to it here at the Tanium Conference, and typically in the past, organizations would buy technology based on who else was buying that technology? But as advancement of technology happens and our advancement in terms of our security world, we now know all the organizations are looking for the best fit and the right product for the organizations because there’s no one size fits all. So I’m curious, what led you to Tanium?

Doug Shepherd: So coming into COVID, we had a lot of tech debt. And we realized that tech debt almost immediately, that we just didn’t have enough telemetry and visibility into our endpoints to know what was happening when they weren’t in one of our buildings and instead were in our employees’ homes. And so we immediately realized we needed some sort of solution to address that, and Tanium really is the only player in that market that would allow us to get that kind of visibility, that kind of inspection, that kind of instrumentation on our endpoints.

Shira Rubinoff: So let’s talk about visibility for a moment. What level and what depth of visibility is provided, and what is needed? Maybe the plus industries.

Doug Shepherd: I would always say you need a little more visibility than you have. So for us, we didn’t have enough visibility into patching, even enough visibility into what employees were doing day in and day out and how that would impact sort the security of the endpoint, so without that level of visibility, we were just hoping that our security really would fix that visibility issue, and it really wasn’t because we were only getting visibility if somebody had malware on their endpoint, and there’s a lot between good and definitively evil.

Shira Rubinoff: Certainly, and now we’re positioned in the industry, it’s if we’re going to be attacked, it’s when, and every organization’s sitting there, “When is it going to happen? Are they going to pull the trigger? Is it going to happen here?” So sitting there in your organization and understanding the needs, the visibility, the types of security you have to have with organizations, how important it is to find the right fit and not just a solution that would just cover what is needed.

Doug Shepherd: That’s right, and frankly, our security stack before coming in had been a threat we thought that we were responding to, and that ended up needing to evolve quite a bit, right? So we’d gone with best in breed solutions just because we felt like it was the right thing to do, but whenever it really came push to shove, we found that the solutions were not delivering the performance and the security we’d expected them to. So Tanium allowed us to see that, to get insight into, there was a lot more happening on the endpoint than just malware, and there was even malware that was happening on the endpoint that we weren’t really being notified about with our solution before moving to Tanium and now MDE.

Shira Rubinoff: Oh, that’s really important now, thank you for sharing that. And let’s just make it a little broader across the cybersecurity atmosphere itself. Where would you say our world is going in the cybersecurity atmosphere? What do we have to pay attention to, and what are the biggest threats that you perceive to be in the cybersecurity world?

Doug Shepherd: Absolutely. I could talk about this for days and I rant on.

Shira Rubinoff: Go ahead, time’s yours.

Doug Shepherd: So a lot of people are concerned about Chinese intrusions or Russian intrusion nation state intrigue in their networks, and it doesn’t make sense. At the end of the day, what you should really be concerned about is ransomware. You should be worried about your users clicking on things, and you shouldn’t be worried about some nation state trying to steal your secret cookie recipe or something like that. You should be more worried about threats to your revenue, to your reputation. Data loss events, like we saw last year with MOVEit. Those are the big events people should be concerned about unless about the nation state intrigue.

Shira Rubinoff: Certainly. And I always ask people who I interview, what is one pointer you give our audience about being cyber secure? What would you say is, “This is something you should think about.”

Doug Shepherd: You need to have a slightly longer password. Whatever your password is today needs to be slightly longer.

Shira Rubinoff: Well, Doug, it’s such a pleasure speaking with you, and thank you for all your insight and I hope you enjoy yourself here at Converge.

Doug Shepherd: Pleasure’s mine. Thank you very much.

Shira Rubinoff: Thank you.

Author Information

Shira Rubinoff

Acclaimed cybersecurity researcher and advisor, Shira is a global keynote speaker and presenter, and expert media commentator. She joined The Futurum Group in February 2024 as President, Cybersphere.


Latest Insights:

The Futurum Group team assesses how the global impact of the recent CrowdStrike IT outage has underscored the critical dependency of various sectors on cybersecurity services, and how this incident highlights the vulnerabilities in digital infrastructure and emphasizes the necessity for robust cybersecurity measures and resilient deployment processes to prevent widespread disruptions in the future.
On this episode of The Six Five Webcast, hosts Patrick Moorhead and Daniel Newman discuss CrowdStrike Global meltdown, Meta won't do GAI in EU or Brazil, HP Imagine AI 2024, TSMC Q2FY24 earnings, AMD Zen 5 Tech Day, Apple using YouTube to train its models, and NVIDIA announces Mistral NeMo 12B NIM.
An Overview of Significant Advancements and Announcements in the AI Software and Services Market in June 2024
Keith Kirkpatrick, Research Director with The Futurum Group, covers the highlights in the enterprise AI market in June 2024, featuring key players such as Apple, Meta, OpenAI, Stability, Google Deepmind, Meta, and McDonald’s.
An Overview of Significant Advancements and Announcements in the Enterprise Applications Market in June 2024.
Keith Kirkpatrick, Research Director with The Futurum Group, covers the highlights in the enterprise application market in June 2024, featuring players such as Salesforce, Pegasystems, SAP, Microsoft, Adobe, Oracle Netsuite, and more.