Optiv Blog

Security vs. End User Experience – Find the Balance

· By Dusty Anderson · 0 Comments

Have we become so focused on serving our customers that we are willing to cut corners for the sake of speed and convenience, only to subject the organization to security risks? I’m not suggesting that one has to be prioritized over the other, you can provide a great user experience, while also keeping your users’ identities and access secure. It is possible to achieve a healthy balance.

Continue reading 0 Shares

Cyber Threat Intelligence Requires Commitment

· By Ken Dunham · 0 Comments

It’s been said that in a breakfast of bacon and eggs, the chicken is involved but the pig is committed. This saying is relevant when implementing a cyber threat intelligence program. You must be committed in order to succeed. In this blog post, I’ll explore some of the common pitfalls of implementing a cyber threat intelligence program.

Continue reading 0 Shares

PCI Requirement Changes Coming in 2018

· By Jeff Hall · 0 Comments

The end of 2017 is quickly approaching, and we thought we should remind you of the PCI requirement changes that are coming next year. Some of these deadlines will go into effect at the end of January, so if you are not on top of these you had better get moving. As of February 1, 2018, the following will become requirements for all organizations complying with the PCI DSS.

Continue reading 0 Shares

Want to be a Great Security Leader? You Need a Great Lawyer

· By J.R. Cunningham · 0 Comments

Information security continues to evolve as a profession, and this is certainly evident in the role that legislation, privacy, third-party risk and incident management play in the daily life of the information security leader. More often, as I meet with clients to discuss security strategy and risk, security leaders are struggling with the myriad of compliance requirements, various state and national privacy laws, and their relationship with the information security program.

Continue reading 0 Shares

The Risk of Cryptocurrencies

· By Courtney Falk · 0 Comments

Cryptocurrencies are a libertarian ideal: a monetary system outside the control of big government. The modern digital world provides the necessary components for a cryptocurrency to succeed. Computing power has advanced sufficiently to lower the processing burden of cryptography. Now systems are both powerful enough and affordable enough that there is a sufficiently large audience for a cryptocurrency system. But where cryptocurrencies solve some of the fundamental problems of centralized currencies, they also introduce some new problems while still falling victim to other, age-old problems.

Continue reading 0 Shares

Five Steps to Ensuring a Successful Identity and Access Management Solution Deployment

· By Tony Naples · 0 Comments

After endless cost-benefit meetings, business case rewrites and months of organizational readiness activities, your identity and access management (IAM) project is funded, has a staff and a start date. You did everything possible from an organizational readiness perspective to prepare and ensure conditions were set to achieve maximum value. Now you are ready to deploy the solution, and following these five steps can help your organization have a successful project launch.

Continue reading 0 Shares

PCI Compliance Every Day – Requirement 5

· By Jeff Hall · 0 Comments

In this latest post of my PCI compliance blog series, we will explore Requirement 5, which has four distinct requirements that imply they need to be addressed at least daily. The first requirement (5.1) necessitates that an organization maintain an accurate inventory of their devices and the operating systems on those devices. However, configuration management data base (CMDB) solutions are notorious for not being completely implemented.

Continue reading 0 Shares

Five Steps to Preparing for a Successful Identity and Access Management Solution Deployment

· By Tony Naples · 0 Comments

As adoption of the Internet of Things (IoT) continues at an incredible pace, organizations of all sizes are shifting away from traditional notions of perimeter security to an identity-based security approach. As businesses evaluate identity and access management (IAM) products to assist with implementing this approach, the desire to achieve the benefits often quickly overshadows their organization’s readiness to implement an IAM solution to actually reap those benefits.

Continue reading 0 Shares

Can Your Organization Accept the Risk of Being First?

· By Woodrow Brown · 0 Comments

Optiv recently completed our 2017 endpoint security solution evaluation. For this year’s review, we constructed several use cases that would model threats to enterprise user workstations. The attack scenarios began with exploiting well-known vulnerabilities, such as CVE-2015-0313, and escalated to assumed targeted phishing attacks using custom binaries.

Continue reading 0 Shares

PCI Compliance Every Day – Requirement 10

· By Jeff Hall · 0 Comments

When people think of PCI business as usual (BAU) they do not typically see the requirements in section 10 as having much of anything to do with BAU. However, there are a lot of things that need to be monitored. The requirement almost everyone remembers in this section with an explicit BAU is 10.6.1.

Continue reading 0 Shares
(622 Results)