Optiv Blog

Six Key Alignments for CISO's on Cloud Security

By John Turner

Many CISOs and security teams are struggling to develop and execute an effective cloud security strategy, especially one that can keep up with the new technologies being deployed every day. Security leaders must take a foothold in the cloud to achieve positive outcomes, but first they must understand the fundamental difference cloud brings to the market.

Recovering From a Credential Breach, Part 2

By Peter Gregory

Probably the most important step to take when a user suspects that his or her user account has been compromised is to notify the organization’s IT service desk. End users should notify the IT service desk right away in the event of the loss or theft of a laptop computer, tablet or smartphone.

PCI Compliance Every Day – Requirement 7

By Jeff Hall, Scott Chimner

This post focuses on PCI DSS requirement seven: restricting access to cardholder data and in-scope system components based on the “need to know” and/or the principle of “least privilege.” “Need to know” as defined in the PCI DSS is “when access rights are granted to only the least amount of data and privileges needed to perform a job.”

Recovering From a Credential Breach, Part 1

By Peter Gregory

A few years ago while on a business trip, I was out to dinner and left my luggage in my rental car (I had not yet checked in to my hotel). When I finished dinner and went back to my rental car, I found it had been broken into and my luggage was gone. My keyring with keys to my house, car and other places was in my luggage.

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 20

By Joshua Platz

Test the overall strength of an organization’s defenses (the technology, the process and the people) by simulating the objectives and actions of an attacker.

What Changes will EO 13800 Bring to Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure?

By Russell Pierce

Anyone who has held the position of CIO or CISO in a government agency or bureau can tell you implementing an effective information risk management program has been more of a journey than a destination; and anyone who is surprised that we as a nation have struggled to protect our applications, data and infrastructure hasn’t been following the news.

Thank You for the Help!

By Bill Heck

One of the more influential things in my life that directed me towards a career in information security was the 1983 movie, WarGames. I was already a bit of a computer nerd in the early 80’s, but WarGames opened my eyes to the broad scale of what could be done from the comfort of your home. It wasn’t just about what I could do locally, but those ridiculously slow dial-up modems opened up a whole new world of possibilities!

Having an Identity Crisis? CISO’s Need to Own IAM

By Richard Bird

Within any company, we can find owners for every key function throughout the enterprise. If we ask, “who is in charge of human resources?” we know the name of the SVP or director of human resources will surface. If we ask, “who ultimately owns the uptime of our technology infrastructure?” our chief technology officer will raise her hand. If we want to know the strategic plan for product development, we can clearly articulate the rings of the organizational tree that represent every single leadership role supporting this function.

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 19

By Dan Kottmann

Protect the organization’s information, as well as its reputation, by developing and implementing an incident response infrastructure (e.g. plans, defined roles, training, communications, management oversight) for quickly discovering an attack and then effectively containing the damage, eradicating the attacker’s presence and restoring the integrity of the network and systems.

Top 20 CIS Critical Security Controls (CSC) Through the Eyes of a Hacker – CSC 18

By Mike Hodges

Manage the security lifecycle of all in-house developed and acquired software in order to prevent, detect and correct security weaknesses.

(280 Results)