Optiv Blog

Maturing IR Capabilities into an Incident Management Program – Part 3 of 3

· By Jenn Black · 0 Comments

Incident response has become one of the most critical aspects of any overall security strategy, but a solid incident response program (IRP) is something many organizations – both large and small – either lack entirely or don’t take seriously enough.

Continue reading 0 Shares

Secure SDLC Lessons Learned: #5 Personnel

· By Shawn Asmus · 0 Comments

t’s no secret that finding and retaining dependable, well-trained application security professionals is a serious challenge, and has been for years. Part of the problem is that the breadth and depth of AppSec knowledge is rather astronomical; one could argue that it’s exponentially wider than network security and grows at a much faster rate. Based on what I’ve seen, teams tend to be perpetually short-staffed and undertrained.

Continue reading 0 Shares

Secure SDLC Lessons Learned: #4 Metrics

· By Shawn Asmus · 0 Comments

As the secure SDLC program matures, vulnerabilities should be caught and remediated earlier in the lifecycle. To know if the program is truly working, organizations must capture metrics. The specific metrics chosen should support and align with the organization’s business objectives and risk management program.

Continue reading 0 Shares

Maturing IR Capabilities into an Incident Management Program – Part 2 of 3

· By Jenn Black, Jeff Wichman, Case Barnes, Erik Schmidt, Curtis Fechner · 0 Comments

The capability to respond effectively to cyber incidents is one of the most critical components of an enterprise security program. However, many companies still lack a solid incident response program (IRP) entirely or don’t take incident response planning seriously enough.

Continue reading 0 Shares

Three Steps to Enhancing Your Third-Party Risk Program

· By Peter Gregory, James Robinson · 0 Comments

In the world of third-party and vendor risk management, many new practices are being adopted. Over the past few weeks, members of Optiv’s third-party risk team have initiated conversations with key industry leaders through a series of roundtable discussions. These thought leaders own or participate in their organizations’ third-party strategies. During these sessions, we shared leading practices and principles, and identified a number of common trends.

Continue reading 0 Shares

Secure SDLC Lessons Learned: #3 Knowledge Management

· By Shawn Asmus · 0 Comments

The term “knowledge management” (KM) refers to using vulnerability mining to turn remediation into lessons learned. Essentially this involves taking knowledge from security remediation activities and placing it within a KM repository that developers, architects and other stakeholders can access. By sharing remediation information across teams, an organization can remove or reduce intelligence silos that contribute to recurring and familiar software bugs.

Continue reading 0 Shares

Maturing IR Capabilities into an Incident Management Program – Part 1 of 3

· By Jenn Black, Optiv Enterprise Incident Management Team · 0 Comments

We’ve all heard that it’s not a matter of “if,” but “when.” This statement, while becoming its own stale mantra of sorts, is still the impetus for the necessary and dramatic shift taking place across enterprise-level cyber security program strategy. Incident response has become one of the most critical aspects of any overall security strategy, but a solid incident response program (IRP) is something many organizations – both large and small – either lack entirely or don’t take seriously enough.

Continue reading 0 Shares

Secure SDLC Lessons Learned: #2 Assessment Toolchain

· By Shawn Asmus · 0 Comments

Most organizations would agree that maintaining a fast, predictable flow of planned work (e.g. projects, scheduled changes) that achieves business goals while minimizing the impact of unplanned work (e.g. bug fixes, outages) is the ultimate IT goal. Security assessment activities should be part of planned work, and to accomplish that, the right tools must be selected.

Continue reading 0 Shares

Secure SDLC Lessons Learned: #1 Application Catalog

· By Shawn Asmus · 0 Comments

Building an application catalog is a critical step towards maintaining governance over a secure SDLC program. The primary purposes of the catalog are to provide teams information on which technologies are in place in the enterprise (Java, .Net, third-party libraries, platforms) and criteria for identifying which applications are mission critical and/or high risk.

Continue reading 0 Shares

Actionability Doesn’t Mean I Have to do More Work!

· By Ken Dunham · 0 Comments

“Actionability” is something we are starting to hear more and more from industry sales and marketing, but often doesn’t translate into reality for various components of cyber threat intelligence programs and services.

Continue reading 0 Shares
(103 Results)