Optiv Blog

PCI Compliance Every Day – Requirement 11

· By Jeff Hall · 0 Comments

The most widely known requirements in PCI DSS 3.2 section 11 with a timing implication are the quarterly external and internal vulnerability scans (11.2). External vulnerability scans are required to be done by an approved scanning vendor (ASV). Internal vulnerability scanning can be done by anyone that is deemed qualified to perform the scanning (as defined by the Penetration Testing Information Supplement).

Continue reading 0 Shares

Criminals Often Prey on Victims… Know the Top 5 Things to Protect Yourself

· By Shane Jones, Aaron Martin, Michael Small · 0 Comments

Criminals oftentimes utilize current events (natural disasters, large data breaches, public massacres, terrorist attacks, etc.) to target not just the friends and families of the victims, but also the general population that may be familiar with the event. Referencing current happenings is a way to leverage sociological instincts and prey upon people's familiarity with a specific event.

Continue reading 0 Shares

Predictions for Tomorrow’s Internet

· By Security Communications and Awareness Team, Jeff Stanley · 0 Comments

Currently, an estimated 6.4 billion Internet-of-Things (IoT) devices are connected, with 67 percent residing in North America, Western Europe and China. By the end of 2017, IoT growth is predicted to continue with an explosive 8.4 billion connected devices with a high concentration in electric utility and commercial security applications

Continue reading 0 Shares

Cyber Security Awareness: Take Control of Your Identity

· By Michael Lines · 0 Comments

October is National Cyber Security Awareness Month; the annual campaign led by the U.S. Department of Homeland Security that seeks to raise awareness about the importance of cyber security for the general public. It’s a great opportunity to take action to protect your personal information, especially in light of recent news events.

Continue reading 0 Shares

From the Boardroom to the Breakroom: Cyber Security in the Workplace

· By Security Communications and Awareness Team, Jeff Stanley · 0 Comments

Key steps to cyber security in the workplace include establishing and maintaining a “security culture” in which company networks and the data they hold are protected from internal and external risk. Top-tier executives must show a commitment to the process by encouraging responsible use of company IT systems, meaningful participation in cyber security awareness and training programs, and protection from current cyber threats.

Continue reading 0 Shares

Avoid User in Training

· By Dusty Anderson · 0 Comments

Often when I’m onsite with clients, gathering requirements for an identity and access management (IAM) solution implementation, I’m asked, “What are some key things that we should do to help this implementation be successful?”

Continue reading 0 Shares

Online Safety - Simple Steps

· By Security Communications and Awareness Team, Jeff Stanley · 0 Comments

From cyber bullying to obtaining personal and sensitive information through phishing campaigns, harm lurks in many corners of the Internet. With a few simple steps, anyone connected can improve their personal security, making their online activities safer.

Continue reading 0 Shares

Being Certain about Estimative Uncertainty

· By Ken Dunham · 0 Comments

I love it when my teenager says something like, “You know Dad, that’s how they designed it,” when in fact, my child does not have any evidence to support his conclusion. It’s spoken as a hard truth, with enthusiastic declaration. If it’s a fact – stick to the facts people. Too often we find individuals involved in cyber defense and threat research and response doing the same thing.

Continue reading 0 Shares

DDoS Threats: Are Your Third Parties Protecting You?

· By James Robinson · 0 Comments

There’s evidence that ransomware may be evolving beyond holding data hostage. In recent news, DDoS attacks were used as a threat against organizations, shutting down their internet connections and holding the organization for ransom. DDoS attacks aren’t new. And while this new use of DDoS may be alarming, we need to pause and look at how business works in our interconnected world.

Continue reading 0 Shares

Six Key Alignments for CISO's on Cloud Security

· By John Turner · 0 Comments

Many CISO's and security teams are struggling with developing and executing an effective cloud security strategy, especially one that can keep up with the new technologies being deployed every day. Security leaders must take a foothold in the cloud to achieve positive outcomes, but first they must understand the fundamental difference cloud brings to the market.

Continue reading 0 Shares
(601 Results)