Optiv Blog

Business Driven Vendor Risk Assessment Template

· By Michael Myaskovsky · 0 Comments

The pace and level of outsourcing has continued to evolve and now includes any and all business areas and cloud services. Outsourcing decisions often occur under the radar focusing on the economics of the agreement and not risk management oversight. In these scenarios, it is quite common to perform a risk assessment after a contract has been signed leaving a company with very little leverage to address critical audit findings.

Continue reading 0 Shares

Six Steps for Establishing a Vendor Risk Management Program

· By Michael Myaskovsky · 0 Comments

One of the key problem areas of enterprise risk management is vendor risk. Managing hundreds to thousands of vendors, suppliers, outsourcers and other third-party relationships is difficult in the best of financial times. But with shrinking budgets and smaller staffs, how can vendor risk management be performed correctly?

Continue reading 0 Shares

Five Ways to Minimize Risk Exposure

· By Jason James · 0 Comments

Risk management is something to be taken very seriously. Few things are more harmful to a company's reputation and bottom line, than a breach of client information. However, many companies are busy managing their solution over managing risk or using complicated and expensive resources, practices and solutions to identify risks.

Continue reading 0 Shares

Play it Safe, or Don’t Play at All

· By Doug Hall · 0 Comments

Every day, millions of people around the world actively engage in a variety of online gaming activities. In fact, more than 58 percent of all Americans say they have played online games and 77 percent of them say they play them more than an hour per week. Companies have to face the reality that some of this gaming takes place on business-owned computers and devices or BYOD connected to company systems.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 11

· By Paul O'Grady · 0 Comments

Establish, implement, and actively manage (track, report on, correct) the security configuration of network infrastructure devices using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 10

· By Ralph May · 0 Comments

The processes and tools used to properly back up critical information with a proven methodology for timely recovery of it.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 9

· By Chris Ballentine · 0 Comments

Manage (track/control/correct) the ongoing operational use of ports, protocols and services on networked devices in order to minimize windows of vulnerability available to attackers.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 8

· By Joshua Platz · 0 Comments

Control the installation, spread, and execution of malicious code at multiple points in the enterprise, while optimizing the use of automation to enable rapid updating of defense, data gathering, and corrective action.

Continue reading 0 Shares

Five Key Tips To Improve Your Company’s Cyber Security Culture

· By Doug Hall · 0 Comments

An organization’s biggest threat may not come from far away hackers but from its own employees. Your first line of defense is to develop a cyber security culture within your organization that embraces and rewards the adoption of good cyber security behavior. Remember, it’s not just up to the IT department – the entire company must work together.

Continue reading 0 Shares

Threat Advisory – Single Sign-On Phishing

· By Nicolle Neulist · 0 Comments

Recently, Optiv’s Global Threat Intelligence Center (gTIC) identified an active phishing campaign against the education sector, in which attackers are stealing credentials and using them to redirect direct deposit paychecks to attacker-controlled accounts. Users are being tricked into entering their single sign-on (SSO) information into a portal that is made to look like the real one, but is controlled by the attacker.

Continue reading 0 Shares
(481 Results)

Get In Touch

Whether you are looking for general information or have a specific question, we want to help.

Contact Us