Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 400 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
It's no secret that data breaches are an ugly reality for businesses today, and despite ever increasing investments, organizations seem unable to stem the tide of successful attacks. Granted, information security is fundamentally complex, and there are many contributing factors behind breaches such as resource limitations, lack of accountability, compliance distractions, cloud complexity and escalating speed of business. However, I posit that the biggest issue organizations face today is a lack of focus on building and maintaining a basic security foundation.
So, what should the foundation provide? The Verizon Data Breach Investigations Report (DBIR) offers a well-informed guide based on the analysis of thousands of information security incidents and data breaches. Here are several key takeaways from 2017:
While the DBIR data doesn’t provide a “silver bullet” fix, it helps us see that breaches follow patterns, and patterns are predictable. A case in point is ransomware, a 28-year-old attack method involving the execution of malware that encrypts all or part of a user’s data. To be successful, ransomware has to gain access to a system, install a malware program or inject code into a process and execute commands to encrypt data. This typically happens due to poor patching practices, inbound internet traffic, email and attachments not being scrutinized, and weak endpoint security. Stated simply, it works because organizations aren’t focused on mitigating the known attack method due to a poor security foundation.
It’s worth noting attackers don’t care if a network is compliant, has good privacy policies or lots of shiny technologies. While those are important elements of a good security program, effective security programs need to be focused on mitigating actual attack methods in order to support compliance and privacy related initiatives, not the other way around.
With that said, here are six essential elements of a basic security foundation you can work on today:
This list is only a small subset of possible mitigation techniques that should be present in a successful security program. However, the six steps will provide a strong foundation of defenses against the most common attack methodologies and directly reduce risk from the biggest technical threats you face on a daily basis.
October 12, 2017
October is National Cybersecurity Awareness Month; the annual campaign led by the U.S. Department of Homeland Security that seeks to raise awareness....
July 21, 2015
Learn how we can help secure your date throughout its lifecycle.
Let us know what you need, and we will have an Optiv professional contact you shortly.