Optiv Blog

Help Keep Your Children Safe Online

· By Brian Wrozek · 0 Comments

The Children’s Internet Usage Study conducted by the Center for Cyber Safety and Education discovered that 30 percent of children ages 8-14 use the internet in a way they know their parents would not approve. That’s alarming. Luckily, October is National Cyber Security Awareness Month, which is an ideal opportunity for parents to set aside time to teach their children good digital habits to keep them safe online.

Continue reading 0 Shares

Predictions for Tomorrow’s Internet

· By Security Communications and Awareness Team, Jeff Stanley · 0 Comments

Currently, an estimated 6.4 billion Internet-of-Things (IoT) devices are connected, with 67 percent residing in North America, Western Europe and China. By the end of 2017, IoT growth is predicted to continue with an explosive 8.4 billion connected devices with a high concentration in electric utility and commercial security applications

Continue reading 0 Shares

Six Key Alignments for CISO's on Cloud Security

· By John Turner · 0 Comments

Many CISO's and security teams are struggling with developing and executing an effective cloud security strategy, especially one that can keep up with the new technologies being deployed every day. Security leaders must take a foothold in the cloud to achieve positive outcomes, but first they must understand the fundamental difference cloud brings to the market.

Continue reading 0 Shares

What Changes will EO 13800 Bring to Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure?

· By Russell Pierce · 0 Comments

Anyone who has held the position of CIO or CISO in a government agency or bureau can tell you implementing an effective information risk management program has been more of a journey then a destination; and anyone who is surprised that we as a nation have struggled to protect our applications, data and infrastructure hasn’t been following the news.

Continue reading 0 Shares

Thank You for the Help!

· By Bill Heck · 0 Comments

One of the more influential things in my life that directed me towards a career in information security was the 1983 movie, WarGames. I was already a bit of a computer nerd in the early 80’s, but WarGames opened my eyes to the broad scale of what could be done from the comfort of your home. It wasn’t just about what I could do locally, but those ridiculously slow dial-up modems opened up a whole new world of possibilities!

Continue reading 0 Shares

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 18

· By Mike Hodges · 0 Comments

Manage the security lifecycle of all in-house developed and acquired software in order to prevent, detect and correct security weaknesses.

Continue reading 0 Shares

Secure SDLC Lessons Learned: #5 Personnel

· By Shawn Asmus · 0 Comments

t’s no secret that finding and retaining dependable, well-trained application security professionals is a serious challenge, and has been for years. Part of the problem is that the breadth and depth of AppSec knowledge is rather astronomical; one could argue that it’s exponentially wider than network security and grows at a much faster rate. Based on what I’ve seen, teams tend to be perpetually short-staffed and undertrained.

Continue reading 0 Shares

Secure SDLC Lessons Learned: #4 Metrics

· By Shawn Asmus · 0 Comments

As the secure SDLC program matures, vulnerabilities should be caught and remediated earlier in the lifecycle. To know if the program is truly working, organizations must capture metrics. The specific metrics chosen should support and align with the organization’s business objectives and risk management program.

Continue reading 0 Shares

Secure SDLC Lessons Learned: #3 Knowledge Management

· By Shawn Asmus · 0 Comments

The term “knowledge management” (KM) refers to using vulnerability mining to turn remediation into lessons learned. Essentially this involves taking knowledge from security remediation activities and placing it within a KM repository that developers, architects and other stakeholders can access. By sharing remediation information across teams, an organization can remove or reduce intelligence silos that contribute to recurring and familiar software bugs.

Continue reading 0 Shares

Secure SDLC Lessons Learned: #2 Assessment Toolchain

· By Shawn Asmus · 0 Comments

Most organizations would agree that maintaining a fast, predictable flow of planned work (e.g. projects, scheduled changes) that achieves business goals while minimizing the impact of unplanned work (e.g. bug fixes, outages) is the ultimate IT goal. Security assessment activities should be part of planned work, and to accomplish that, the right tools must be selected.

Continue reading 0 Shares
(132 Results)