November 12, 2020updated 13 Nov 2020 3:29pm

CTO Talk: Q&A with Tenable’s Renaud Deraison

By Robert Scammell

Renaud Deraison is the CTO and co-founder of Tenable, a cybersecurity company that provides vulnerability management software.

Deraison is known for inventing Nessus in 1998, one of the most widely used security technologies on the planet. He has authored several patents related to network scanning and security and has spoken at cybersecurity sessions during the World Economic Forum in Davos in 2019 and 2020.

In his role as CTO, Deraison oversees product R&D, helping to develop Tenable’s cyber exposure platform for businesses to view their cyberattack surface via a dashboard.

In this Q&A, the 37th in our weekly series, Deraison provides a simple way to spot tech hype, explains the need for security as “guardrails, not inhibitors” and shares why it’s important to accept your limits.

Rob Scammell: Tell us a bit about yourself – how did you end up in your current role?

Renaud Deraison: I ended up in my role by accident if I’m being honest. I released a piece of open source software, called ‘Nessus’, back when I was in high school. It is used to audit a network for known vulnerabilities. Much to my surprise, it gained in popularity and I started to receive requests from end-users. This led to me co-founding Tenable to take this technology to the next level.

What’s the most important thing happening in your field at the moment?

With the rise of cloud computing, SaaS, IoT and more, we’ve never seen the enterprise digital infrastructure so decentralised, and yet – as we’ve seen with Covid it’s never been so strategic for every company. We continue to see an acceleration towards the cloud, which is fantastic, as it allows businesses to focus on what they do well while delegating functions to other specialists. For example, email is now 100% SaaS-based for the vast majority of companies.

The challenge is to continue this expansion while keeping control of the security of these components, making sure that the security policy of a company functions as guardrails and not inhibitors to this radical shift.

Which emerging technology do you think holds the most promise once it matures?

I’m not sure if it’s still considered emerging, but containers are pretty promising — not so much in how they function, but more in the changes they introduce in terms of workflows and life cycle.

How do you separate hype from disruptor?

To me, a disruptor is something that you tend to see in action in a somewhat low-key way. Hype is when people start preaching the virtue of a technology they’ve not even deployed yet.

What’s the best bit of advice you’ve been given?

To know my limits. Understanding what you can and can’t do. Once you know and accept your limits, you’re properly set up to push them further.

Where did your interest in tech come from?

I’ve always liked computers, and networking even more so. The idea that you can interact with a physical system across the ocean always sounded magical to me.

What does a typical day look like for you?

Mostly meetings, some very technical, some business strategic. I really enjoy straddling the full “business stack” at Tenable, this is what has kept me passionate about this job for so long.

What do you do to relax?

I enjoy watching TV. With the advent of streaming services, I try to watch shows from various different countries as I find it an interesting way to expand my understanding of different cultures.

Who is your tech hero?

Steve Jobs. I know it’s a cliché. He had his own unique temperament but his acumen for tech was second to none.

What’s the biggest technological challenge facing humanity?

With global warming, I think sustaining our growth, maintaining our lifestyle and being more eco-friendly will be a tough challenge. As most of us want to pick all three, where do we start?

Read more: CTO Talk: Q&A with CircleCI’s Rob Zuber


Verdict deals analysis methodology

This analysis considers only announced and completed cloud-deals deals from the GlobalData financial deals database and excludes all terminated and rumoured deals. Country and industry are defined according to the headquarters and dominant industry of the target firm. The term ‘acquisition’ refers to both completed deals and those in the bidding stage.

GlobalData tracks real-time data concerning all merger and acquisition, private equity/venture capital and asset transaction activity around the world from thousands of company websites and other reliable sources.

More in-depth reports and analysis on all reported deals are available for subscribers to GlobalData’s deals database.

Topics in this article: ,