Skip to main content

April 26, 2018

Thoughts on Breach of Trust vs. a Breach of Security

General thought: A breach of trust is different than a breach of security. Trust and security, while related, are very different from each other. In r...

See Details

September 25, 2017

DDoS Threats: Are Your Third Parties Protecting You?

There’s evidence that ransomware may be evolving beyond holding data hostage. In recent news, DDoS attacks were used as a threat against organizations...

See Details

July 28, 2017

DEF CON is Here: A Reminder to Manage and Remediate Security Vulnerabilities of Your Third Parties

Every year I like to take a look at the talks at Black Hat and DEFCON to see if there are areas of risk I need to review. This year, like others, has ...

See Details

May 24, 2017

Three Steps for Management and Remediation of Security Vulnerabilities with Third Parties

Over the years, security organizations have had to deal with many vulnerabilities that required quick response and remediation. Some examples that com...

See Details

May 17, 2017

Ransomware Kill Chain and Controls - Part 2: Once the Crying is Over, the Controls Must Kick In

In the first part of the blog series, we alluded to the impending danger of ransomware campaigns. It appears the concerns were justified, given the si...

See Details

April 06, 2017

Three Steps to Enhancing Your Third-Party Risk Program

In the world of third-party and vendor risk management, many new practices are being adopted. Over the past few weeks, members of Optiv’s third-party ...

See Details

April 20, 2016

Ransomware Kill Chain and Controls - Part 1

With the rising threat of ransomware, we continue to see more and more coverage of the topic in the news and in marketing campaigns. I guess about hal...

See Details

February 11, 2016

Reducing Your Personal Attack Surface

Many of us are consumers of technology, I would consider myself in the upper echelon of this group. I own multiple laptops, desktops, servers, cloud-b...

See Details

April 08, 2015

Preparing for a Boardroom Discussion - Expect the Expected

Organizations must focus on many areas within the business to ensure corporate data and assets are secure. Even though there are competing priorities,...

See Details