James Robinson

Director, Risk and Threat Management

James Robinson is responsible for our internal information risk management and threat management programs within information security and is a member of the Office of the CISO for Optiv. Robinson uses real world experiences to help enterprise-level organizations to solve their security and related business issues. He also develops and delivers a comprehensive suite of strategic services and solutions that help CXO executives change their security strategies through innovation.

 

DDoS Threats: Are Your Third Parties Protecting You?

· By James Robinson · 0 Comments

There’s evidence that ransomware may be evolving beyond holding data hostage. In recent news, DDoS attacks were used as a threat against organizations, shutting down their internet connections and holding the organization for ransom. DDoS attacks aren’t new. And while this new use of DDoS may be alarming, we need to pause and look at how business works in our interconnected world.

Continue reading 0 Shares

DEF CON is Here: A Reminder to Manage and Remediate Security Vulnerabilities of Your Third Parties

· By James Robinson · 0 Comments

Every year I like to take a look at the talks at Black Hat and DEFCON to see if there are areas of risk I need to review. This year, like others, has focused on different hacking and defensive techniques. It also included a theme on cloud components as well as IoT, and new vulnerabilities within both. If your organization develops these products, you have the ability to talk with the development teams and review the devices for the vulnerabilities.

Continue reading 0 Shares

Three Steps for Management and Remediation of Security Vulnerabilities with Third Parties

· By James Robinson · 0 Comments

Over the years, security organizations have had to deal with many vulnerabilities that required quick response and remediation. Some examples that come to mind include Heartbleed, Shellshock, numerous specific vendor product vulnerabilities, and as we saw recently: WannaCry. All of these advisories require our organizations to quickly assess the exposure and impact; however, many of us stop at our own infrastructure. As we have seen with mobile, cloud and continued outsourcing, maintaining focus within our own virtual walls is not enough. There is significant risk and exposure to information if we have decided to leverage a service offering or third party.

Continue reading 0 Shares

Ransomware Kill Chain and Controls - Part 2: Once the Crying is Over, the Controls Must Kick In

· By James Robinson, Nick Hyatt · 0 Comments

In the first part of the blog series, we alluded to the impending danger of ransomware campaigns. It appears the concerns were justified, given the size of the most recent cyber attack that hit countries worldwide on May 12. The WannaCry ransomware program, also called WannaCrypt, WanaCrypt0r and Wanna Decryptor, was launched by a group of cyber criminals causing computers in more than 100 countries to lock up and be held for ransom.

Continue reading 0 Shares

Three Steps to Enhancing Your Third-Party Risk Program

· By Peter Gregory, James Robinson · 0 Comments

In the world of third-party and vendor risk management, many new practices are being adopted. Over the past few weeks, members of Optiv’s third-party risk team have initiated conversations with key industry leaders through a series of roundtable discussions. These thought leaders own or participate in their organizations’ third-party strategies. During these sessions, we shared leading practices and principles, and identified a number of common trends.

Continue reading 0 Shares

Ransomware Kill Chain and Controls - Part 1

· By James Robinson · 0 Comments

With the rising threat of ransomware, we continue to see more and more coverage of the topic in the news and in marketing campaigns. I guess about half of all marketing emails I get are ransomware-oriented. It could be the lists I am on, but I think ransomware is shaping up to be the top marketed threat in 2016.

Continue reading 0 Shares

Reducing Your Personal Attack Surface

· By James Robinson · 0 Comments

Many of us are consumers of technology, I would consider myself in the upper echelon of this group. I own multiple laptops, desktops, servers, cloud-based workstations, tablets, mobile devices, smart fashionware and social media accounts, to name a few. But, with this enthusiasm and love for the newest gadget or tool to stay connected comes a new risk – one that organizations have been fighting for years, and the consumer is starting to face. This is the risk of your personal attack surface.

Continue reading 0 Shares

Financially Motivated Whaling Attacks

· By James Robinson, Ping Look · 0 Comments

On any given day, many people receive hundreds of emails. But when an employee receives an email from their CEO, CFO or another senior executive, they are more likely to notice and respond. Unfortunately, this natural human behavior is exactly what malicious actors are exploiting in the latest “whaling” attack.

Continue reading 0 Shares

Preparing for a Boardroom Discussion - Expect the Expected

· By Renee Guttmann, James Robinson · 0 Comments

Organizations must focus on many areas within the business to ensure corporate data and assets are secure. Even though there are competing priorities, application security must be an important component of a successful information risk management program.

Continue reading 0 Shares

Mapping Cyber Attacks to Maslow's Hierarchy of Needs

· By James Robinson · 0 Comments

Maslow’s hierarchy of needs is basically a theory that aims to understand what motivates people, represented as a pyramid that maps the different levels of needs. At the lowest level are the basic human needs that are required to function. As those needs are met, individuals move up the hierarchy to fulfill deeper and more complex needs.

Continue reading 0 Shares
(24 Results)