Optiv Blog

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 12

· By Joshua Platz · 0 Comments

Detect/prevent/correct the flow of information transferring networks of different trust levels with a focus on security-damaging data.

Continue reading 0 Shares

MSSQL Agent Jobs for Command Execution

· By Nicholas Popovich · 0 Comments

The primary purpose of the Optiv attack and penetration testing (A&P) team is to simulate adversarial threat activity in an effort to test the efficacy of defensive security controls. Testing is meant to assess many facets of organizational security programs by using real-world attack scenarios.

Continue reading 0 Shares

Just Enough Insider Threat Defense

· By Heath Nieddu · 0 Comments

At a recent conference for IT leaders, I addressed the theme of, “How much cyber security is enough?” We all probably have had to answer the broad question of how much budget is appropriate relative to our peers, but a discussion about risk and value should quickly follow.

Continue reading 0 Shares

No One Plans to Fail, but Many Fail to Plan

· By Dawn-Marie Hutchinson · 0 Comments

In the information security community, we talk often about incident response plans and the need to conduct regular tabletop exercises. Where we fail is to prepare at the enterprise level. What happens when your corporate policy prohibits retainer services for technology work, but you need a technical first-response team? What is your enterprise approval policy for high dollar value expenditures?

Continue reading 0 Shares

Business Driven Vendor Risk Assessment Template

· By Michael Myaskovsky · 0 Comments

The pace and level of outsourcing has continued to evolve and now includes any and all business areas and cloud services. Outsourcing decisions often occur under the radar focusing on the economics of the agreement and not risk management oversight. In these scenarios, it is quite common to perform a risk assessment after a contract has been signed leaving a company with very little leverage to address critical audit findings.

Continue reading 0 Shares

Six Steps for Establishing a Vendor Risk Management Program

· By Michael Myaskovsky · 0 Comments

One of the key problem areas of enterprise risk management is vendor risk. Managing hundreds to thousands of vendors, suppliers, outsourcers and other third-party relationships is difficult in the best of financial times. But with shrinking budgets and smaller staffs, how can vendor risk management be performed correctly?

Continue reading 0 Shares

Five Ways to Minimize Risk Exposure

· By Jason James · 0 Comments

Risk management is something to be taken very seriously. Few things are more harmful to a company's reputation and bottom line, than a breach of client information. However, many companies are busy managing their solution over managing risk or using complicated and expensive resources, practices and solutions to identify risks.

Continue reading 0 Shares

Play it Safe, or Don’t Play at All

· By Doug Hall · 0 Comments

Every day, millions of people around the world actively engage in a variety of online gaming activities. In fact, more than 58 percent of all Americans say they have played online games and 77 percent of them say they play them more than an hour per week. Companies have to face the reality that some of this gaming takes place on business-owned computers and devices or BYOD connected to company systems.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 11

· By Paul O'Grady · 0 Comments

Establish, implement, and actively manage (track, report on, correct) the security configuration of network infrastructure devices using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 10

· By Ralph May · 0 Comments

The processes and tools used to properly back up critical information with a proven methodology for timely recovery of it.

Continue reading 0 Shares
(492 Results)

Get In Touch

Whether you are looking for general information or have a specific question, we want to help.

Contact Us