Optiv Blog

Petya / Petna / NotPetya Ransomware Recommendations from the Trenches

· By Nick Hyatt · 0 Comments

Here we go again. Not long ago I updated a blog post containing actionable recommendations to protect your environment from ransomware threats, including WannaCry. In the wake of yesterday’s Petya attack, I thought it would be prudent to update that blog again and reinforce concepts discussed therein.

Continue reading 0 Shares

Intelligence Advisory – New Petya Ransomware Outbreak

· By gTIC · 0 Comments

Optiv’s Global Threat Intelligence Center (gTIC) received reports from several sources concerning a recent modification to the Petya ransomware strain. This new strain is being referenced as ‘GoldenEye’. The modification has been identified as the SMB exploitation leveraged by WannaCry, the so-called EternalBlue exploit.

Continue reading 0 Shares

The Most Important Threats for Your Organization to Watch

· By Courtney Falk · 0 Comments

The Optiv Cyber Threat Intelligence Estimate 2017 is a yearly report that reviews important events of the past calendar year, and uses them to make projections for the coming year. Professionals from Optiv’s Cyber Threat Intelligence practice and the Global Threat Intelligence Center (gTIC) collaborated to identify the most important threats to watch.

Continue reading 0 Shares

What Changes will EO 13800 Bring to Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure?

· By Russell Pierce · 0 Comments

Anyone who has held the position of CIO or CISO in a government agency or bureau can tell you implementing an effective information risk management program has been more of a journey then a destination; and anyone who is surprised that we as a nation have struggled to protect our applications, data and infrastructure hasn’t been following the news.

Continue reading 0 Shares

Cyber Threat Intelligence – Putting out Fires or Firefighting?

· By Ken Dunham · 0 Comments

When it comes to fighting malware, combatting nation-state threats, and securing digital assets, the information security industry has much to learn from firefighters. Though we fight online threats, and firefighters fight fires, both roles have reactive and proactive challenges. Optiv strongly advocates that organizations become firefighters: not only responding reactively but also strategically and proactively.

Continue reading 0 Shares

Implementing an Identity Centric Approach

· By Bryan Wiese · 0 Comments

With the latest Verizon Data Breach Incident Report finding that 81 percent of hacking related breaches leveraged either stolen and/or weak passwords, our clients are consistently asking us, are we really immune to a breach?

Continue reading 0 Shares

Thank You for the Help!

· By Bill Heck · 0 Comments

One of the more influential things in my life that directed me towards a career in information security was the 1983 movie, WarGames. I was already a bit of a computer nerd in the early 80’s, but WarGames opened my eyes to the broad scale of what could be done from the comfort of your home. It wasn’t just about what I could do locally, but those ridiculously slow dial-up modems opened up a whole new world of possibilities!

Continue reading 0 Shares

Risk Management and Intelligence: What is Your End Game?

· By Ken Dunham · 0 Comments

Anyone worth their salt in the world of cyber threat intelligence is always focused on the actionable outcome – how can I lower my business risk by making a more informed and/or timely decision? If your strategy for enterprise risk management lacks that same focus for return on investment (ROI) related to your cyber threat intelligence component, you’ll miss the mark on your desired outcome.

Continue reading 0 Shares

Having an Identity Crisis? CISO’s Need to Own IAM

· By Richard Bird · 0 Comments

Within any company, we can find owners for every key function throughout the enterprise. If we ask, “who is in charge of human resources?” we know the name of the SVP or director of human resources will surface. If we ask, “who ultimately owns the uptime of our technology infrastructure?” our chief technology officer will raise her hand. If we want to know the strategic plan for product development, we can clearly articulate the rings of the organizational tree that represent every single leadership role supporting this function.

Continue reading 0 Shares

Three Steps for Management and Remediation of Security Vulnerabilities with Third Parties

· By James Robinson · 0 Comments

Over the years, security organizations have had to deal with many vulnerabilities that required quick response and remediation. Some examples that come to mind include Heartbleed, Shellshock, numerous specific vendor product vulnerabilities, and as we saw recently: WannaCry. All of these advisories require our organizations to quickly assess the exposure and impact; however, many of us stop at our own infrastructure. As we have seen with mobile, cloud and continued outsourcing, maintaining focus within our own virtual walls is not enough. There is significant risk and exposure to information if we have decided to leverage a service offering or third party.

Continue reading 0 Shares
(37 Results)