Armis Strives To Be The ‘Google Maps’ For Protecting Your Technology

Google Maps is a pretty awesome tool. As a basic map, it has everything you need to find a location and get from Point A to Point B. But, Google Maps also goes much deeper than that—providing details and context that dramatically enhance the information available. Armis—a company founded in 2015 to helps organizations discover and secure assets in their environment—wants to bring that same level of detail and context to managing and protecting your network.

Armis recently closed a $300 million round of funding led by One Equity Partners (OEP). The investment increased the company’s valuation to $3.4 billion—only 8 months after it hit the $2 billion valuation milestone. The infusion of cash will enable Armis to accelerate platform development and go-to-market initiatives, and also support future acquisitions to help Armis achieve its vision.

Expanding Beyond IoT

I have followed Armis for a few years now. The company quickly established itself as a leader in asset visibility with a focus on identifying and protecting IoT (internet-of-things) devices. The explosion of IoT devices has exponentially increased the number of connected devices that make up an organization’s attack surface. Many IoT devices lack basic security controls and can’t be easily patched or updated—making them a prime target for threat actors and a major Achilles heel for cybersecurity.

As the company has grown and matured, though, Armis has also expanded its scope beyond IoT. Armis now claims to have comprehensive asset visibility and security intelligence for all assets and environments. The Armis platform is designed to provide deep context, detect vulnerabilities, and reduce risk across IT (information technology), IoT, IIoT (Industrial internet-of-things), IoMT (internet-of-medical-things), ICS (industrial control systems), and OT (operational technology) environments.

The “Google Maps” of IT/OT

I spoke with Yevgeny Dibrov, co-founder and CEO of Armis, about the latest funding and what it means for the future of Armis. The company is already an established leader in its market, so I was curious what the vision is for leveraging this investment and how Armis will use the funding to get to the next plateau and continue to drive momentum.

Dibrov explained, “I think the way our customers are looking at Armis today, and the way we are building when we talk about the vision is really the “Google Maps” of their organization. So, it's basically having every asset in your environment in every type of environment.”

“Basically, the goal for Armis—the way Armis has grown—is really to give you one place to [manage and protect] every asset in your environment, and on top of that, build all the context around risk, vulnerability, threat assessment, threat detection, and going wide across every type of asset the organization has in every environment,” continued Dibrov.

As I mentioned above, the primary focus of Armis a few years ago was visibility and protection of IoT devices. The expansion to OT, ICS, and other environments makes perfect sense for two reasons. First and foremost, you can’t protect what you can’t see or what you don’t know about. It is crucial for effective security to have an accurate inventory of every asset on your network so you can be aware of every potential attack vector or exposure to risk.

The other reason is that OT and ICS environments are very similar to IoT because most of the OT and ICS devices were not built with internet connectivity or security in mind. These things are all being interconnected for more centralized and streamlined management, but many of the devices don’t have inherent security controls. That’s why organizations need a platform like Armis to provide visibility into where all of these assets are, context around the risk they represent, and a layer of defense that helps organizations protect devices that are not designed to protect themselves.

When people think of IoT and connected devices, they often think of things like Nest thermostats, Ring video doorbells, or internet-connected kitchen appliances. The reality, though, is that those things are a small fraction—not even the tip of the iceberg—of the massive volume of IoT devices out there. IoT and OT devices form the backbone of things like manufacturing, shipping and logistics, and critical infrastructure industries like transportation, oil and gas production, gas and electricity, and water treatment.

Dibrov asserted that these environments make easy targets for threat actors because they are comprised of devices that are typically the oldest and least protected. He stressed that this is why organizations need to have a layered perspective to understand the context and risk exposure—the depth of information that goes beyond the basic map of network assets and draws the comparison with Google Maps.

“Imagine you have an asset. It's not enough to say here is a specific industrial controller—like Rockwell—with this specific operating system running. It's also about what—from a risk standpoint also vulnerability management and basically vulnerability information—what that device is doing. So, it's really a lot about the context of what we built on top of that.”

Build, Buy, or Partner

While one of the stated potential goals for the funding is to support future acquisitions, Dibrov also acknowledged the importance of integrating with key partners. Armis is focused on strategic partnerships that enhance the capabilities of the platform and expand its reach in the market. He cited partnerships with Checkpoint and IBM as examples of strong partnerships that bring value and make sense for customers.

“I think that the areas we would look at whether to build more or to potentially buy is that map that I was talking about. Like more layers on that map—for example more specific risk for specific areas or types of assets,” explained Dibrov. “This can be an interesting area, like vulnerability information for different areas. We have a lot around that that we’ve built, and definitely we want to strengthen those areas.”

Cyber attacks are not showing any sign of slowing down any time soon, and organizations are struggling to defend an exponentially expanding and increasingly complex attack surface. Effective security for such environments requires comprehensive visibility and an accurate inventor of assets, as well as the context of each asset and the potential risk it represents. It is a challenge organizations need help with, and Armis is working to provide customers with a solution that addresses that challenge.

Comments are closed.