Vice President, Third-Party Risk Management
As vice president, third-party risk management, Robinson oversees Optiv’s Third-Party Risk Management practice which includes the development and operations of TPRM-as-a-Service and Evantix. During his tenure at Optiv, he has worked as a core contributor around strategic internal initiatives including threat management, risk management, third-party risk management, vulnerability management and data program protection. He also develops and delivers a comprehensive suite of strategic services and solutions that help chief experience officer (CXO) executives evolve their security strategies through innovation.
Protecting Against the Inevitable
Imagine this situation: you are sitting in your office, all is going well, when you receive an urgent invite for a due diligence committee meeting to potentially acquire another business. This isn’t the first time your company is evaluating acquisition targets; and then it hits you – the last time this happened your organization came under attack. Suddenly your mind is racing as you realize that you only have two weeks before the announcement is made public, thus placing a target on your organization.
For most, this situation causes a gut reaction of panic and stress. But many other companies have found themselves in this position, have gone through the process, and emerged successfully on the other side. The lessons learned from these real-life situations have enabled us to develop steps to help your organization adequately prepare for a potential attack when going through a critical time.
Rally the Troops
Get everyone in your company involved with an education session. Let employees know that there could be a cyber attack coming, and that the organization is preparing. It is key to involve legal, IT and public relations so that they know their roles and can prepare for a potential breach.
Understand the Threat
Gather as much intel about the potential attack and the attacker as possible. In the above example the organization should consider what happened last time. In other cases, there may be more specific information available about an impending attack. One of the most important questions businesses should ask themselves is: what are the attackers after?
Take Stock of Your Environment
Baseline your technical environment’s inventory to get a clear view of your network and security posture.
Close Open Holes
Understand where your important data lies. Perform a vulnerability scan. Determine which patches to tackle first according to their severity. If you can’t close the hole, monitor it.
Guard the Gateway
Limit Web and remote access to only to those who need it. Close services that you don’t have to use. Perform a firewall rule cleanup to help ensure your perimeter is protected.
Defend Critical Assets and Raise the Shields
Understand what you are really trying to protect. Once you understand your critical assets, you should set up an active defense. Apply the threat intelligence you have to reduce your attack surface.
Prepare for the Worst
Even when all the proper precautions are put into place, a breach can still occur. There is a good way and a bad way to go through a disaster. Have a tested incident response plan ready to go, and have third-party experts ready to assist should an attack occur.
Last week, we published a white paper on this topic which describes relevant threats and strategies for organizations to apply threat intelligence to bolster defenses, develop a plan of action to minimize the attack surface, and strengthen the walls around prized data assets while the clock ticks down.
In addition, we recently conducted a webcast on this topic; you can find the recording here.