Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
July 25, 2022
Resilience is everywhere these days, in analyst reports, marketing materials, and board tables. While resilience is easy to talk about as one of the latest industry buzz words, implementing true cyber resilience is a complex but worthwhile endeavor that could save your organization millions should a cyberattack occur.
It’s estimated that cybercriminals can penetrate 93 percent of company networks. There’s a ransomware attack every 11 seconds. Former Federal Bureau of Investigation (FBI) director Robert S. Mueller III, who during his tenure created the FBI Cyber Division, is known for saying “I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again.”
Beyond traditional business continuity and business recovery plans, cyber resilience is a shift in mind-set, culture, and approach where you assume that operations will be interrupted at some point. This shift in mind-set from reacting to threats as they occur to assuming that a breach is only a matter of time helps you look at cyber-risk management in a new, vested light.
When I speak with boards about cyber resilience, I talk about implementing resilient measures and practices across people, processes, and technology. By and large, I find that many organizations tend to focus on the technology investments they’ve made to shore up defenses, and far less on people and processes, leaving ample vulnerabilities that could prove hazardous down the line. If you find this to be the case within companies you oversee, below are a few tips boards should consider discussing with management to ramp up the “people” and “process” parts of the cyber-resilience equation.
Innocent mistakes and simple negligence make up 60 percent of insider incidents, costing the average organization $4.6 million each year, according to the 2020 Cost of Insider Threats Global Report.
Cybersecurity is more about people behind keyboards than it is about technology. Threat actors, especially nation-state actors, prey upon innocent and well-intentioned employees. During my time at the FBI, I worked cases where threat actors used an employee’s social media accounts to groom them from an unwitting accomplice into a knowing coconspirator. People are the first line of defense, but still the weakest link.
To boost people resilience, boards should ensure management takes the following actions:
As mentioned above, identifying mission-critical assets and mapping the process to protect them enables rapid recovery to a secure state when an attack inevitably happens. If you’re early in your cybersecurity journey, consider working with a partner who can deliver an incident readiness assessment that:
Boards should discuss the following areas of focus with management:
Cyber resilience is really about people, including culture and relationships, and process. Because people are still the weakest link in the cyberattack chain, creating an environment with your employees where they feel informed, included, and empowered to learn and reduce cyber risk is crucial. Using a process to understand your mission-critical assets is imperative, and developing the right relationships with sales, marketing, legal, communications, executives, and other stakeholders will make the road to recovery faster and less painful.
Building resilience into the enterprise is no small task—but once it is implemented, it significantly reduces organizational risk and helps ensure that your business can keep doing what it does best.
This article originally appeared on the NACD BoardTalk blog. Reprinted with permission.https://blog.nacdonline.org/posts/building-cyber-resilience
Optiv Security: Secure greatness.®
Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.
May 17, 2022
Protect and secure critical data. Avoid business interruptions and loss. Optiv’s Cyber Resilience service can help.
June 03, 2022
To survive and thrive in the complex digital future, enterprises must build cybersecurity resilience. This guide offers in-depth approaches.
March 19, 2021
Our employee training programs help you meet compliance requirements, minimize risks and maximize data security.
Let us know what you need, and we will have an Optiv professional contact you shortly.