Skip to content

Tanium & Charles River Associates

Combating IT & Cyber Challenges

Tanium + CRA Partnership

CRA Services Built on the Tanium Platform

Charles River Associates (CRA), a leading global consulting firm specializing in economic, financial, and management consulting services, has a long-standing strategic alliance with Tanium to provide clients with services that reduce cyber risk, reduce attack surface, and effectively manage threats and vulnerabilities.

CRA uses Tanium across multiple proactive and reactive solution areas, including Cyber Incident Response, Compromise Discovery Assessments, and strategic security consulting.

Tanium and CRA help increase visibility, mitigate risk, manage threats

The rapid shift to a work-from-home culture has exposed critical IT gaps, such as unmanaged computers and servers, and pitfalls in information security hygiene.

Cybersecurity can be an enabler – not a hinderance – to your business.

We have teamed up to help our clients through a unified endpoint management and security platform.

Together, we help address challenges with clients who are:

Unclear if and where legacy unsupported software versions exist that create an exposure point

Uncertain if key security controls are in-place across all corporate assets, and determine IT hygiene

Unable to determine the quantity and software of servers and workstations (assets) in the environment

Struggling to properly remediate security gaps without having full visibility across all endpoints in the environment

Challenged with the ability to detect the presence of active compromises and threat actors present in their environment


Tanium Deployment Services help you deploy and optimize your Tanium investment

Today’s leaders are faced with too many projects, too few people, and too little time to take on the operational design, deployment, and maintenance of new IT capabilities. Realize the full value of your investment to:

Increase ROI

Get a quicker return on your investment by setting up the Tanium platform rapidly and correctly

Reduce support costs

Get started with Tanium operations quickly, accurately, and without burdening your staff

Simplify implementation

Have a trained and experienced engineer deploy Tanium to bridge the knowledge gap and ensure implementation is done correctly using best practices

Gain insight

Have faster access to incredibly rich and accurate data provided by Tanium through CRA’s deployment services

Leverage product modules

Save cost by consolidating endpoint tools and increasing service levels with the benefits of the speed, scale, and visibility that Tanium delivers


CRA’s Forensics Services practice

Helping clients and their counsel get to truth when allegations arise of fraud, misconduct, cybercrime and non-compliance — thereby reaffirming their commitment to integrity.

Deep insights

CRA delivers deep insights more quickly as a result of its commitment to deploying cross-trained teams of experienced forensic professionals.

Operating from ten countries around the world, CRA’s clients over included 97% of the AmLaw 100 law firms, and 78% of the Fortune 100 companies.

Our Forensic Services Practice has been recognized by The National Law Journal as being one of the top three Forensic Accounting Providers in the country, and by Global Investigations Review as one of the leading investigative consultancies from around the world for handling sophisticated cross-border, government-driven and internal investigations. In 2021, we were honored with a Chambers ranking in recognition of our deep litigation support, crisis and risk management competencies.

The Practice – including our state-of-the art digital forensics, eDiscovery and cyber incident response lab – has been certified under International Organization for Standardization (ISO) 27001:2013 requirements as part of our industry-leading commitment to our clients and their information security. CRA maintains private investigator licenses in multiple jurisdictions, as listed on our website.

ISO certified

The Practice, including CRA’s state-of-the art digital forensics, eDiscovery and cyber incident response labs, has been certified under the International Organization for Standardization (ISO) 27001:2013 requirements as part of its industry-leading commitment to clients and information security.


“Information security vulnerabilities and missing critical patches continue to be one of the leading concerns for boards, General Councils and CEOs. CRA consultants have been working closely with Tanium for years to address these challenges, as well as mitigate and detect threats and attacks. Through this strategic alliance, we’re now combining CRA’s incident response, threat detection, and cybersecurity consulting capabilities with the scalability of Tanium in new ways to rapidly address key information security challenges associated with remote work.”

Aniket Bhardwaj VP, Global Cybersecurity & IR Services CRA

“Our combined team can help GCs assess and address regulatory compliance, legal risk, and disclosures to investors and creditors. In the current environment, cyber criminals are increasingly brazen, and the risk of employee data security theft and non-compliance has never been higher. We help bridge the gap between legal, information security, and the business, thereby helping to unleash the full power of the organization.”

Kristofer Swanson Forensic Services Practice Leader CRA

CRA + Tanium Partnership

Increase visibility. Mitigate risk. Outrun attackers

In the evolving nation state and cybercrime landscape businesses, organizations and cyber insurance providers must constantly challenge their assumptions and standard business processes to mitigate the continued increase of state sponsored and ransomware attacks. A cyber security breach is a hazard that no organization can ignore in the modern world due to our growing reliance on information technology. Whether the consequence of a system malfunction, human error, or cyberattack, a data breach might be fatal to your company, disrupting operations, tarnishing its brand, and causing significant financial losses.

To address these challenges, CRA offers its clients security investigative and regulatory review service that specifically addresses the needs of clients. CRAs services, powered by Tanium, helps alleviate threat management challenges of incomplete visibility, poor security hygiene practices, inadequate patching and vulnerability reviews, sensitive data, insider threats, and uncontrolled access privileges.

CRA has developed a cyber solution tailored to multiple industry sectors such as Healthcare/Life Sciences, Financial Services & Insurance, Manufacturing, Utilities, and Retail/Hospitality. Our solution combines the inter-dependent areas of IT asset management, incident and threat managements, enterprise risk and crown jewels identification.

CRA + Cyber Insurance Providers

Cybersecurity Hygiene Services for insureds of leading global insurance carriers

  • A cyber security breach is a hazard that no organization can ignore in the modern world due to our growing reliance on information technology. Whether the consequence of a system malfunction, human error, or cyberattack, a data breach might be fatal to your company, disrupting operations, tarnishing its brand, and causing significant financial losses.
  • CRA’s Information Security Hygiene Services, powered by Tanium, provides visibility into the security hygiene posture of the endpoint estate. The snapshot identifies current asset inventory, unsupported operating system versions, and vulnerable applications within the IT environment. The findings include real-time data on missing security updates and potentially sensitive data.
  • The security hygiene snapshot gives organizations the confidence to accurately answer questions such as:
    • How vulnerable are my mission-critical assets?
    • Are we achieving our posture improvement goals?
    • How are we doing against our industry peers?
    • What should we be doing to become more secure?

Illustrative example: The Panama Papers

The infamous Panama Papers Incident offers an illustration of what can go wrong from an IT and cyber perspective, and what could have been done to avoid, prevent, and mitigate the damage.

Panama Papers summary

11.5 million leaked encrypted confidential documents exposed the network of more than 214,000 tax havens involving people and entities from 200 different nations

How CRA could have helped

  • Hygiene checks would have shown outdated, vulnerable systems
  • Incident Readiness would have helped with effective communication strategy
  • Adversary simulation would have identified the attack surface
  • Helping train the IT and Security staff on incident handling Developing ongoing security strategy

What went wrong?

  • Unpatched systems, systems lacking encryption, insecure network design
  • Poor cybersecurity hygiene
  • Lack of effective security controls

Ready to learn more?