SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
#
Cloud Security
#
Risk & Compliance
#
AI

Exclusive: Tenable's growth driven by strategic moves and channel focus

Today
Author image
By Melania Watson, Interview Editor

Tenable is making clever and strategic moves to strengthen its position as a leader in exposure management.

With a strong focus on proactive security and a robust channel-first strategy, the company continues to see impressive growth.

Senior Vice President of Product, Jason Merrick, recently shared insights into Tenable's recent acquisition, market trends, and how the company is helping organizations reduce risk.

"We're the category creator of exposure management," Merrick explained. "We help organizations have visibility across the attack surface - whether that's cloud, identity, traditional IT, or operational technologies."

Driving optimization through Tenable One

A major contributor to Tenable's growth has been the launch of Tenable One - a comprehensive platform designed to provide organizations with a full view of their attack surface.

"Tenable One provides a portfolio of products that address visibility across the attack surface," Merrick said.

He highlighted the growing challenge organizations face in securing their cloud environments. "Cloud is by far the fastest-growing area that organizations are struggling to put their arms around," he explained. Tenable One helps businesses manage this complexity by building visibility, analyzing data, and prioritizing threats through contextualization.

"For example, we can identify a server that's running in Amazon that's misconfigured, has a high vulnerability, and is externally facing with open ports - making it one click away from a ransomware event," he said.

Vulcan Cyber acquisition strengthens capabilities

Tenable's recent acquisition of Vulcan Cyber adds significant capabilities to its offering. Merrick explained that the acquisition expands Tenable's ability to ingest third-party security data.

"With Vulcan, we now have the ability to bring in XDR information, cloud security data, and other third-party data sources."

He outlined three key benefits of the Vulcan acquisition: improved visibility across attack surfaces, enhanced analytics capabilities, and better integration with customer ecosystems.

"This allows us to help organizations move away from Excel spreadsheets and manual processes," Merrick said.

"It's about creating a single dashboard view that helps organizations see everything they need to take action."

Embracing a channel-first strategy

Tenable's unique 100% channel-first strategy is a major differentiator in the industry. "In my entire career, I've never worked for a company that is 100% channel driven," Merrick said.

He emphasized that this model builds strong relationships with partners. "We don't have house accounts where we bypass partners. This creates loyalty and enables us to have very tight relationships with our channel partners."

The channel-first approach also supports scalability. "For startups, leveraging the channel can fast-forward your ability to reach customers," he added.

"For larger enterprises, it provides a valuable way to meet customer purchasing preferences and deliver technology in a way that fits their needs."

The role of AI in cybersecurity risks

Merrick acknowledged the growing threat of AI in cyberattacks. "Threat actors are using AI as a fast-forward button," he said. "They create AI agents that autonomously scan for vulnerabilities. Attackers are using AI to accelerate reconnaissance, identify misconfigurations, and exploit weaknesses faster than ever."

To mitigate this risk, Merrick recommends organizations adopt AI governance policies and strengthen oversight.

"Many organizations are building AI governance boards to regulate how employees use AI and to protect their environments," he said.

The future of exposure management

Exposure management is rapidly evolving, and Merrick believes it's still in its early stages. "We're in the first chapter of that book," he said. "The future is about ensuring organizations can see the unseen, have complete asset visibility, and build out comprehensive inventories."

He emphasized the importance of integrating exposure management tools with an organization's existing ecosystem.

"The future is about tying visibility, analytics, and action together into a mobilization process that drives remediation faster."

The risks facing key industries

With the rising number of data breaches, Merrick identified financial services, healthcare, and manufacturing as industries facing the highest risks.

"Threat actors are targeting rich sources of data," he said. "Healthcare organizations in particular have been increasingly targeted."

He cited the growth in publicly disclosed data breaches as a worrying trend. "We've seen 100% year-over-year growth in the number of public breach announcements," he added.

The power of proactive security

Tenable's proactive security approach is at the heart of its strategy. "It all starts with building an inventory," Merrick explained.

"Organizations need visibility into their IT infrastructure, identities, and cloud security to understand their environment."

From there, Tenable helps organizations analyze vulnerabilities, misconfigurations, and toxic combinations. "Proactive security means identifying and resolving risks before they turn into breaches," he added.

A strong culture of collaboration

Merrick described Tenable's working environment as tightly knit and highly collaborative. "We have a concept called 'One Tenable' that ensures we break down silos before they form," he said.

"Despite being a global company with over 2,000 employees, we maintain a strong culture of information sharing and teamwork."

The late CEO, Amit Yoran, was instrumental in fostering this culture. "He always wanted us to act like a startup with an 'all for one, one for all' mentality," Merrick said.

"Our current co-CEOs have maintained that philosophy."

Opportunities in exposure management

Merrick believes the biggest opportunity in exposure management lies in helping organizations manage data overload. "Organizations struggle with multiple sources of data," he said.

"The key is aggregating that information, identifying actionable insights, and driving remediation faster."

He concluded: "The biggest opportunity is helping organizations see the unseen and take swift action to reduce risk."

Related stories
Medusa ransomware threat continues to challenge firms
Brivo unveils cloud-based platform to simplify security
Harnessing Automation and AI to Transform IT and Business Management
Mandiant uncovers UNC3886 cyber-attack on Juniper routers
DigiCert digital trust solutions now on AWS Marketplace
Top stories
February 2025 reports record spike in ransomware attacks
Titan of Tech - Nadene Serman of Infotrack
CASwell introduces AI-enhanced fan-less cybersecurity device
US leads global online fraud rates, new study reveals
Exclusive: GBG's Carol Chris on innovation, fraud prevention and growth