Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 400 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
DEF CON is Here: A Reminder to Manage and Remediate Security Vulnerabilities of Your Third Parties
Every year I like to take a look at the talks at Black Hat and DEF CON to see if there are areas of risk I need to review. This year, like others, has focused on different hacking and defensive techniques. It also included a theme on cloud components as well as IoT, and new vulnerabilities within both. If your organization develops these products, you have the ability to talk with the development teams and review the devices for the vulnerabilities.
However, for many of us, we are not able to review these devices for the vulnerabilities very easily. For those that fall in this camp you will need to have conversations with the vendors and manufactures about their controls and specifics, which is a manual and grueling process. Luckily organizations can leverage their third-party risk management processes, if they have them, along with the ability to create customized questionnaires to address these vulnerabilities with their manufactures.
In my previous blog post, Three Steps for Management and Remediation of Security Vulnerabilities, I shared how organizations would look for vulnerabilities within their vendors. This same process applies to IoT and cloud systems. In preparation for this week’s activities it might be a good step to review your organization and perform any preparations you can. Some key areas that stood out this year include:
To ensure your vulnerability response program is comprehensive, dedicating time and resources to your third-party risk management program is a must and there is no better time than the present.
September 12, 2017
Learn how to build a solid foundation for your third-party risk program.
Let us know what you need, and we will have an Optiv professional contact you shortly.