Our New Normal
Keep Calm and Innovate On
Tip: How to save time when creating a tab module from scratch.
Create one tab that has the images, text format, animations, and interactions you want the other tabs in the module to have. Copy and paste the tab and change the names of the pasted tab folders in the layers panel. You can then change the text and images in each tab. This is more efficient than making each tab from scratch.
Round the corners on images and rectangles.
To do this, select an image or rectangle and change the value under "Corner Radius" in the Design tab in the Inspector Panel.
Create digestible content and save screen real-estate by condensing lengthy content into categories that can be viewed on separate tabs.
Template - Horizontal Tab Module
1280px x 720px
Turn flat objects into multidimensional, dynamic content by adding a drop shadow.
To apply a drop shadow, select the shape or image and add a shadow in the design panel. Experiment with the shadow color, blurriness, and position in relation to the asset.
To replace an image, select the png or jpeg on the canvas or in the layers panel and click the "Replace image" button, which is next to the image thumbnail in the design panel. Any applied animation to the original image will carry over to the new one.
Tip: Try to make the new image a similar size and dimension to the image being replaced.
COVID-19:
Cybersecurity in Action
COVID-19 has dominated our consciousness for months now. It’s changed the shape of businesses, economies, industries and our everyday lives in the most dramatic ways possible.
However, in our business life, it’s not just what we’re dealing with but also how we choose to deal with it. With the reality of the largest cyber security attack on the horizon, organizations have a critical decision to make for their cybersecurity program — to continue with the same approach or evolve into a new one, a better one, a more secure one.
Forbes predicts we’ll see the largest cyberattack in history within the next six months.
We will say it just once, but this is our “new normal.”
Clearly, a lot. We don’t need to belabor the point — however, Optiv has observed, analyzed and broken down some of these wide-reaching changes and has assessed the impacts they’ve had on cybersecurity through actively working with clients to solve these challenges.
Now What?
Let’s consider a few of the impacts that have been thrown at your organization. Addressing these examples will help effectively protect and maintain your business, both now and in the future.
We’ll unpack the effects we’ve observed, their ramifications in a cybersecurity context and finally how to ready yourself to emerge in the best possible position.
Rapid Cloud Adoption and Data Surge
We’ve seen data proliferate globally with increased online transactions, online communications and sharing across networks. In a couple of short months, the world moved online in mass, changing everything.
NEXT
What We Have Seen
If there is a topic you want us to explore, let us know on NEWINBOX@optiv.com
As every organization worldwide continues to deal with the most significant disruption to their business (ironically, since the advent of the Internet), digitalization solutions have become vital and are in high demand. As with any internet-delivered service, cybersecurity remains clearly in focus. Digital communication channels have soared as businesses, health care providers, schools and families have discovered new ways to communicate and stay connected.
A Virtual Reality
WFH Tipping Point
The speed at which organizations have adapted should be commended – sincerely – because they’ve done what needed to be done. However, the expedited adoption of remote working creates new and/or bigger challenges that organizations must address.
Even if only for a few months, business closures have suffocated revenue streams for many industries, forcing business leaders and security teams to do more
with less. As a result, hiring for additional security staff has been placed on hold and company initiatives are being strategically reprioritized. From a security perspective, this can quickly cost large organizations millions or potentially billions when an attacker finds a vulnerability, a patch isn’t applied, or business continuity and disaster recovery process is incomplete without the requisite headcount.
Since COVID-19 began, reevaluation and
rationalization of security tooling has been an ongoing task for security teams, resulting in a vendor consolidation effort for many organizations. Rather than rip and replace when technology seems too problematic, Optiv has seen an uptick in companies procuring services to assist with deployment analysis as well as policy and process improvements for their environment. Many organizations do not have the right talent or enough staffing to dedicate to these projects and have looked for outside advisors and support. Organizations need to evaluate if these solutions are viable and should be fully implemented or if they’re adding unnecessary risk.
NEXT
Hindsight is 2020
PREVIOUS
Our New Normal
If there is a topic you want us to explore, let us know on NEWINBOX@optiv.com
Security guardrails (not gates); securely connecting technology and people to business and policy
Adaptable Digital Security Management
Source: Forbes
We’ll dive deeper into how this impacts your business and how to address it later. But for now, you might have risks that you likely didn’t have before. Not only do you need to worry about securing mobile and third-party devices, but you also need to consider the security of your supply chain and business partnerships – all those employees in each supplier, set up for newly remote work in a hurry, equally bringing new vulnerabilities. It’s easy to see how your attack surface has just grown exponentially.
The US estimated that 7% of its workforce worked from home pre-COVID-19, that is 9.8 million people. Netskope estimated that rose to 58% of knowledge works in March and is likely to be higher today.
Bigger attack surfaces
A large university has committed to providing their faculty and students the latest cutting-edge technology to create the best possible learning environment. They promised a fast, secure and reliable network across campus for every IoT and BYOD device.
Challenge
The world, businesses and lives have changed in ways that very few had seriously considered. During the chaotic start of the pandemic, many organizations scrambled to deploy a remote workforce and maintain business continuity. However, few were preparing for the impact that these drastic changes would have on their holistic cybersecurity program and risk management strategies.
Now that the dust is settling, it’s important to revisit your cybersecurity strategies and vigilantly plan for the unknown. Whether you decide to return to normal, shift to a new normal or adopt a hybrid model, it’s critical to review the implications on key security pillars to achieve a resilient cybersecurity strategy.
It’s easy to know what the right thing would’ve been to do after something has already happened, but it’s hard to predict the future.
Challenge: The massive shift to WFH has made securing an organization’s identity and data more critical now than ever before. Going forward, it’s imperative for organizations to re-assess their Identity and Data Management (IDM) strategy, policies and processes as their prior implementations and standards may no longer be viable or ensure the same level of security.
Solution: Addressing remote access privileges, protection of data throughout its lifecycle, identity governance and third-party access should be a top priority. Tackling these items first will ensure the highest level of security while continuing to empower organizations to maximize their data and provide employees seamless access to the systems they need to be successful.
Security
Operations
Threat
Management
Privacy
and Risk
Third
Party Risk
Cybersecurity Fundamentals
Threat
Management
Privacy
and Risk
Third
Party Risk
Threat
Management
Privacy
and Risk
Third
Party Risk
Threat
Management
Privacy
and Risk
Third
Party Risk
Source: Gartner
Gartner says 52% of legal and compliance leaders are concerned about third-party cybersecurity risk since COVID-19.
Threat
Management
Privacy
and Risk
Third
Party Risk
Limit Exposure
Continue to assess the landscape
Adjust monitoring as needed for misconfigured databases and devices
Review third party compliance with key regulations
Harden the buffer between you and third parties or potentially remove them from the network
Validate business continuity plans
A guide for conquering cybersecurity challenges, packed with use cases, resources and actionable steps to take now as well as how to plan for a post-pandemic world.
Tap to jump chapters
Our New Normal
Keep Calm and Innovate On
Hindsight is 2020
What's Next
Fluid Attack Surfaces
Enterprises traditionally have known IPs, known network requirements and known devices. With COVID19, those known quantities have been reduced. IPs now vary (making filtering and monitoring difficult) and employees are using unsecure home routers.
The security of home and public WiFi and BYOD policies are 2 of the top 3 risks in the WFH era. 65% of companies are allowing employees to access networks from personal or unmanaged devices.
Source: 2020 Work from Home Cybersecurity Report
Bigger Attack Surfaces
In addition to the security of mobile and 3rd party devices, you also need to consider your supply chain and business partnerships. All those suppliers bring new vulnerabilities and grow your attack surface exponentially.
The US estimated that 7% of its workforce worked from home pre-COVID, that is 9.8 million people. Netskope estimated that rose to 58% of knowledge works in March and is likely to be higher today.
Source: 2020 Work from Home Cybersecurity Report
Managing new data at rest and in motion
Protected data, critical data and customer data are spread wider and on new portions of your infrastructure – securing that is a priority. That data still needs to meet compliance and legislation requirements – GDPR, CCPA, PIPEDA etc.
As every organization worldwide continues to deal with the most significant disruption to their business (ironically, since the advent of the Internet), digitalization solutions have become vital and are in high demand. As with any internet-delivered service, cybersecurity remains clearly in focus. Digital communication channels have soared as businesses, health care providers, schools and families have discovered new ways to communicate and stay connected.
A Virtual Reality
Accelerating Digital Transformation
For every CISO, COVID-19 has been a wakeup call for innovation and several organizations have taken this opportunity to propel their DX initiatives and improve customer and employee experiences. Optiv has seen interest in cloud, networking and threat mitigation solutions skyrocketing since the pandemic started. These solutions have become essential for building agile and adaptive security programs covering remote workers, supply chains, applications and data.
In order to maintain a secure and highly resilient digital environment, it’s critical to ensure the proper security processes, controls and configurations are in place.
As the world continues to shift and the future remains full of unknowns, one thing is clear—now is the time to accelerate your DX strategy and efforts. Remain calm and vigilant as you assess your current digital and cybersecurity strategy. Optiv can help.
A guide for conquering cybersecurity challenges, packed with use cases, resources and actionable steps to take now as well as how to plan for a post-pandemic world.
Come back Oct. 26 to learn more
Hindsight is 2020
Come back Nov. 9 to learn more
So, What’s Happened?
Take a look at the events that brought us here to help you better understand what actions to take next and how to plan for a post-pandemic world.
View Infographic
Todd Weber, CTO of Optiv Inc., and his team of experts have delved into some of the challenges [new and old] that are forcing their way to the top of a CISO’s to-do list.
Explore Challenges
01
02
03
04
05
The Challenge
For many organizations, this push to the cloud was intended to be a multi-year runway, with gradual adoption and very little risk. Organizations have adapted to survive, but the infrastructure, strategy and planning (especially budgets) have not been prepared for this degree of speed or strain in many cases, and they may fail to keep up in the long run.
Our Capabilities
The Challenge
Our Capabilities
Optiv has helped organizations become more vigilant than ever before. No matter where you are in your cloud adoption journey, we can help. With our Cloud Security solutions, your organization can migrate to the cloud securely and quickly, maximizing the value of your organization’s data even during the most challenging times.
The Challenge
Our Capabilities
Let’s face it, your attack surface is shifting and growing, and getting your arms around it is increasingly difficult. Many businesses were so unprepared for such massive pivots that they started utilizing tools and applications that often lack essential security controls and fail to meet various compliance requirements.
In order to survive, some businesses have been hastily forced to:
• Adopt consumer-focused products for business continuity
• Allow employees to use personal devices to access
critical data
• Incorporate consumer-focused products such as video
conferencing and file-sharing platforms
• Extend remote access solutions that had been used
previously by only small groups
• Continue working with suppliers and business partnerships
that made similar adjustments when faced with the same
circumstances, bringing even more new vulnerabilities
The Expanding Attack Surface
01
02
03
04
05
The Challenge
Our Capabilities
It’s easy to see how your attack surface has grown exponentially, but it’s harder to take action or know where to start. Thankfully, you can partner with the best offensive security team in the industry to reduce your attack surface and secure your enterprise.
Learn More
The Challenge
Our Capabilities
The quantity and type of data travelling over your network has increased and changed. Protected data, critical data, customer data and data at rest are all spread wider and on new portions of your infrastructure – and securing that is a top priority.
Organizations have rushed to meet the demands that the pandemic dealt out while trying to remain as nimble as possible. However, the compliance and legislation requirements – GDPR, CCPA, PIPEDA – have not relaxed and businesses still need to achieve those standards.
Managing New Data at Rest and In Motion
01
02
03
04
05
The Challenge
Our Capabilities
Optiv has been a leading provider in compliance services for over a decade and can help you check the right compliance boxes through on-going program management.
The Challenge
Our Capabilities
Is it really shocking to think that in a state of change, chaos, distraction and uncertainty that the ‘bad guys’ would be assembling to take advantage of the situation? Short answer: “No”.
Per the headlines above, the scale at which the malicious attackers are ramping up is mind-blowing. This is a lucrative time for black hatters. Hackers and criminal organizations are fully motivated, highly capable and well-funded to attack any organization at any time during a period of genuine vulnerability.
On top of everything else, you add the human element – the most vulnerable target. As a society, we’re feeling insecure and hungry for information and resources. Phishing, smishing and vishing will happily prey on both business and human pressures to maximize their own return.
Attackers Advantage
01
02
03
04
05
The Challenge
Our Capabilities
Optiv’s security services can help strengthen your security operations and boost your security defenses against these evolving threats and advanced attacks on your employees, devices and data. We’ve illustrated the steps needed to protect your remote workers, systems and enterprise environments.
Learn More
The Challenge
Our Capabilities
Rapidly implementing both a remote workforce and radical shifts in daily operations has been necessary to keep your business running and employees safe - but many organizations have found themselves with a new, increased risk profile.
Employees and contractors are now working remotely from places you know nothing about, sending, receiving and storing data who-knows-where or on what devices. This expanding threat landscape has changed the game for data management and protection standards, requiring organizations to rethink and revamp their privacy management programs.
Securing A Remote Workforce
01
02
03
04
05
The Challenge
Our Capabilities
With remote workers relying on home networks for the foreseeable future, it’s vital that organizations ensure the same level of protection as before the shift. We re commend employing proven strategies, including expanding what you currently have, creating alternative access methods and redesigning your cybersecurity program at scale. To those ends, Optiv provides a wide variety of advisory services, including Security Program and Security Strategy Assessments that will provide guidance on rationalizing and optimizing your environment as well as building tailored standards that will best fit your organization’s tech stack, threat landscape and risk appetite.
More content
coming soon!
X
More content coming soon!
Check back on November 9th.
X
The Challenge
Our Capabilities
Digitalization offers many advantages, but overbold decisions and rash technology investments can lead to security gaps and increased vulnerabilities. On the other hand, organizations that were delaying digital transformation (DX) efforts have been caught off guard and unable to deliver a positive customer experience.
01
02
03
04
05
The Challenge
Our Capabilities
Organizations across all industries are changing and innovating every day. Regardless of whether you were in the process of planning, building, deploying, managing or advancing your digital transformation (DX) journey before the pandemic started, Optiv can help you bring it into reality.
Zoom surpassed 300 million daily meeting participants in late April, up 30X from 10 million in December of 2019.
Optiv in Action
Source: Zoom
Optiv can replace uncertainty with confidence. Explore our approaches and the actionable technical steps needed to enable and secure a WFH model that addresses each security solution.
What We’ve Seen
Achieve More with Less
Optiv in Action
• Remote Access Solutions
• BYOD
• Cloud and Digital Transformation
• Identity and Identity Governance
• Data Management
• Security Operations
• Remote Access Policy
• Remote Collaboration/Meeting Solutions
• Corporate Communications
• Vacant Facility Considerations
COVID-19: Securing Work From Home Checklist
x
Learn More
The pandemic didn’t cause all these issues, but it did help expose them. With attackers lurking, organizations need to remain vigilant and partner with a security solutions integrator like Optiv. We can help you address the legacy solutions, processes and challenges you have in place and augment your existing teams and threat detection capabilities. Now is the time to reduce redundancies, maximize capabilities and achieve your full investment in a solution before making the decision that a replacement effort is needed. Optiv provides expertise, staffing and technology to ensure immediate, short-term business continuity or to build in-house expertise through ongoing security awareness training. With more than 350 industry certifications, our trained professionals can quickly and proficiently resolve Tier 1, 2 and 3 technical support issues.
How We Can Help
Optiv in Action
For every CISO, COVID-19 has been a wakeup call for innovation and several organizations have taken this opportunity to propel their DX initiatives and improve customer and employee experiences. Optiv has seen interest in cloud, networking and threat mitigation solutions skyrocketing since the pandemic started. These solutions have become essential for building agile and adaptive security programs covering remote workers, supply chains, applications and data.
In order to maintain a secure and highly resilient digital environment, it’s critical to ensure the proper security processes, controls and configurations are in place.
As the world continues to shift and the future remains full of unknowns, one thing is clear—now is the time to accelerate your DX strategy and efforts. Remain calm and vigilant as you assess your current digital and cybersecurity strategy. Optiv can help.
Accelerating Digital Transformation
Optiv in Action
Optiv Helps Solve your Largest DX Challenges…
Talent Shortage
Technology
Proliferation
Risk and Trust
Data Explosion
Compliance
Adaptable Digital
Security Mgmt
by delivering outcomes that meet your evolving business
Organizations leading in DX are less vulnerable to the pandemic and more likely to succeed in a post-pandemic world.
Optiv in Action
Responding to regulatory changes and policy catch-up
Compliance
Understanding, managing and creating actionable insight from business and security relevant data
Data Explosion
Poorly integrated point solutions impacting cost, ownership and exposure
Technology Proliferation
Securing digital interactions in a shared IT responsibility model
Risk and Trust
Driving automation and orchestration
Talent Shortage
Reduce risk by discovering and managing what is really happening
Consume outcomes, built for business delivered through consulting, managed or as-a-service offerings
Reduce the reliance on scarce security skills
Comprehensive, business-aligned, digital security solutions
Reduce costs through the secure cloud, automation and consolidation
Optiv has been implementing technologies and tools such that allow students, faculty and guests to safety connect their devices to the network. With COVID-19 and the move to online learning, the campus was left vacant for Optiv to safely implementations and deploy projects ahead of schedule.
Solution
A financial services company had finalized a large acquisition in Q1 that doubled the size of its workforce. During the middle of merging applications and systems, they faced the sudden demand to deploy a remote workforce. Employee productivity was hindered due to outages and slowdowns with the existing number of licenses and VPN solutions.
Challenge
Optiv quickly worked with their security teams to determine the best approach for expanding and deploying a Zero Trust solution for all employees. We immediately enabled their workforce to securely work from home and improve their long-term security posture by enhancing their ability to improve data security, minimize lateral access, reduce threats of ransomware attacks, and shrink their attack surface.
Solution
Optiv in Action
Due to the stay-at-home orders, a large financial institution needed to quickly and dramatically ramp up their VPN technology and engineering support to handle the quick and exponential increase in their remote workforce.
Challenge
Optiv provided multiple engineers to supplement support and increased their hardware licensing to account for the additional remote users.
Solution
54% of companies made the shift to fully support a remote workforce in 0-7
days and another 25% in 8-14 days.
Source: 2020 Work from Home Cybersecurity Report
A health care organization lost their budget for additional spending and needed to reduce costs.
Challenge
Optiv leveraged our close relationship with many technology partners to find cost saving opportunities, better optimize the technologies they already own and helping create use case justifications for maintaining their current level of security technology. Our client was able to allocate the saved budget towards patient portal improvements.
Solution
Faced with COVID-19 related cost and budget cuts, a large healthcare system needed to enhance their technology integrations to get the most out of their existing infrastructure since purchasing new technology was not an option.
Challenge
Optiv was able to work with the client to strategize a managed technology solution that would better optimize their existing technology for their growing cloud environment. This helped accomplish the desired end-goals as well as save the client money that can now be reinvested in patient care.
Solution
Learn how our surge support offerings can help you achieve more with less.
Contact Us
A large US-based retailer needed to upgrade to a more advanced application security testing tool, but they did not have the staffing available for the implementation and management of the new technology.
Challenge
Optiv facilitated a managed technology solution that would result in our running their AppSec program for them so that their staff could focus on more pressing items.
Solution
Clearly, a lot. We don’t need to belabor the point — however, Optiv has observed, analyzed and broken down some of these wide-reaching changes and has assessed the impacts they’ve had on cybersecurity through actively working with clients to solve these challenges.
So, What’s Happened?
What's Next
Come back Nov. 16 to learn more
More content coming soon!
Check back on November 16th.
X
The Challenge
Our Capabilities
For many organizations, this push to the cloud was intended to be a multi-year runway, with gradual adoption and very little risk. Organizations have adapted to survive, but the infrastructure, strategy and planning (especially budgets) have not been prepared for this degree of speed or strain in many cases, and they may fail to keep up in the long run.
The Challenge
Our Capabilities
For many organizations, this push to the cloud was intended to be a multi-year runway, with gradual adoption and very little risk. Organizations have adapted to survive, but the infrastructure, strategy and planning (especially budgets) have not been prepared for this degree of speed or strain in many cases, and they may fail to keep up in the long run.
We’ve seen data proliferate globally with increased online transactions, online communications and sharing across networks. In a couple of short months, the world moved online in mass, changing everything.
Rapid Cloud Adoption and Data Surge
The Challenge
Our Capabilities
Optiv has helped organizations become more vigilant than ever before. No matter where you are in your cloud adoption journey, we can help. With our Cloud Security solutions, your organization can migrate to the cloud securely and quickly, maximizing the value of your organization’s data even during the most challenging times.
We’ve seen data proliferate globally with increased online transactions, online communications and sharing across networks. In a couple of short months, the world moved online in mass, changing everything.
Rapid Cloud Adoption and Data Surge
01
02
03
04
05
In order to survive, some businesses have been hastily forced to:
Adopt consumer-focused products for business continuity
Allow employees to use personal devices to access critical data
Incorporate consumer-focused products such as video conferencing and file-sharing platforms
Extend remote access solutions that had been used previously by only small groups
Continue working with suppliers and business partnerships that made similar adjustments when faced with the same circumstances, bringing even more new vulnerabilities
The Challenge
Our Capabilities
In order to survive, some businesses have been hastily forced to:
Let’s face it, your attack surface is shifting and growing, and getting your arms around it is increasingly difficult. Many businesses were so unprepared for such massive pivots that they started utilizing tools and applications that often lack essential security controls and fail to meet various compliance requirements.
The Expanding Attack
Surface
The Challenge
Our Capabilities
It’s easy to see how your attack surface has grown exponentially, but it’s harder to take action or know where to start. Thankfully, you can partner with the best offensive security team in the industry to reduce your attack surface and secure your enterprise.
Let’s face it, your attack surface is shifting and growing, and getting your arms around it is increasingly difficult. Many businesses were so unprepared for such massive pivots that they started utilizing tools and applications that often lack essential security controls and fail to meet various compliance requirements.
The Expanding Attack
Surface
01
02
03
04
05
The Challenge
Our Capabilities
Organizations have rushed to meet the demands that the pandemic dealt out while trying to remain as nimble as possible. However, the compliance and legislation requirements – GDPR, CCPA, PIPEDA – have not relaxed and businesses still need to achieve those standards.
The quantity and type of data travelling over your network has increased and changed. Protected data, critical data, customer data and data at rest are all spread wider and on new portions of your infrastructure – and securing that is a top priority.
Managing New Data at Rest and In Motion
The Challenge
Our Capabilities
Optiv has been a leading provider in compliance services for over a decade and can help you check the right compliance boxes through on-going program management.
The quantity and type of data travelling over your network has increased and changed. Protected data, critical data, customer data and data at rest are all spread wider and on new portions of your infrastructure – and securing that is a top priority.
Managing New Data at Rest and In Motion
01
02
03
04
05
The Challenge
Our Capabilities
Per the headlines above, the scale at which the malicious attackers are ramping up is mind-blowing. This is a lucrative time for black hatters. Hackers and criminal organizations are fully motivated, highly capable and well-funded to attack any organization at any time during a period of genuine vulnerability.
On top of everything else, you add the human element – the most vulnerable target. As a society, we’re feeling insecure and hungry for information and resources. Phishing, smishing and vishing will happily prey on both business and human pressures to maximize their own return.
Is it really shocking to think that in a state of change, chaos, distraction and uncertainty that the ‘bad guys’ would be assembling to take advantage of the situation? Short answer: “No”.
Attackers
Advantage
The Challenge
Our Capabilities
Is it really shocking to think that in a state of change, chaos, distraction and uncertainty that the ‘bad guys’ would be assembling to take advantage of the situation? Short answer: “No”.
Attackers
Advantage
01
02
03
04
05
Optiv has helped organizations become more vigilant than ever before. No matter where you are in your cloud adoption journey, we can help. With our Cloud Security solutions, your organization can migrate to the cloud securely and quickly, maximizing the value of your organization’s data even during the most challenging times.
Let’s face it, your attack surface is shifting and growing, and getting your arms around it is increasingly difficult. Many businesses were so unprepared for such massive pivots that they started utilizing tools and applications that often lack essential security controls and fail to meet various compliance requirements.
Rapid Cloud Adoption and Data Surge
The Challenge
Our Capabilities
For many organizations, this push to the cloud was intended to be a multi-year runway, with gradual adoption and very little risk. Organizations have adapted to survive, but the infrastructure, strategy and planning (especially budgets) have not been prepared for this degree of speed or strain in many cases, and they may fail to keep up in the long run.
The Challenge
Our Capabilities
Optiv has helped organizations become more vigilant than ever before. No matter where you are in your cloud adoption journey, we can help. With our Cloud Security solutions, your organization can migrate to the cloud securely and quickly, maximizing the value of your organization’s data even during the most challenging times.
Organizations across all industries are changing and innovating every day. Regardless of whether you were in the process of planning, building, deploying, managing or advancing your digital transformation (DX) journey before the pandemic started, Optiv can help you bring it into reality.
Zoom surpassed 300 million daily meeting participants in late April, up 30X from 10 million in December of 2019.
What We’ve Seen
Even if only for a few months, business closures have suffocated revenue streams for many industries, forcing business leaders and security teams to do more with less. As a result, hiring for additional security staff has been placed on hold and company initiatives are being strategically reprioritized. From a security perspective, this can quickly cost large organizations millions or potentially billions when an attacker finds a vulnerability, a patch isn’t applied, or business continuity and disaster recovery process is incomplete without the requisite headcount.
Source: 2020 Work from Home Cybersecurity Report
How We Can Help
The speed at which organizations have adapted should be commended – sincerely – because they’ve done what needed to be done. However, the expedited adoption of remote working creates new and/or bigger challenges that organizations must address.
WFH Tipping Point
Optiv can replace uncertainty with confidence. Explore our approaches and the actionable technical steps needed to enable and secure a WFH model that addresses each security solution.
Optiv in Action
WFH Tipping Point
•
•
•
•
•
•
•
•
•
•
Remote Access Solutions
BYOD
Cloud and Digital Transformation
Identity and Identity Governance
Data Management
Security Operations
Remote Access Policy
Remote Collaboration/Meeting Solutions
Corporate Communications
Vacant Facility Considerations
• Remote Access Solutions
• BYOD
• Cloud and Digital Transformation
• Identity and Identity Governance
• Data Management
• Security Operations
• Remote Access Policy
• Remote Collaboration/Meeting Solutions
• Corporate Communications
• Vacant Facility Considerations
Remote Access Policy
Remote Collaboration/Meeting Solutions
Corporate Communications
Vacant Facility Considerations
•
•
•
•
•
•
•
•
•
•
COVID-19: Securing Work From Home Checklist
Learn More
Even if only for a few months, business closures have suffocated revenue streams for many industries, forcing business leaders and security teams to do more with less. As a result, hiring for additional security staff has been placed on hold and company initiatives are being strategically reprioritized. From a security perspective, this can quickly cost large organizations millions or potentially billions when an attacker finds a vulnerability, a patch isn’t applied, or business continuity and disaster recovery process is incomplete without the requisite headcount.
Achieve More with Less
Optiv in Action
The pandemic didn’t cause all these issues, but it did help expose them. With attackers lurking, organizations need to remain vigilant and partner with a security solutions integrator like Optiv. We can help you address the legacy solutions, processes and challenges you have in place and augment your existing teams and threat detection capabilities. Now is the time to reduce redundancies, maximize capabilities and achieve your full investment in a solution before making the decision that a replacement effort is needed. Optiv provides expertise, staffing and technology to ensure immediate, short-term business continuity or to build in-house expertise through ongoing security awareness training. With more than 350 industry certifications, our trained professionals can quickly and proficiently resolve Tier 1, 2 and 3 technical support issues.
Optiv in Action
Optiv in Action
by delivering outcomes that meet your evolving business
Optiv Helps Solve your Largest DX Challenges…
Talent Shortage
Risk and Trust
Data Explosion
Technology
Proliferation
Compliance
Adaptable Digital
Security Mgmt
Optiv in Action
Organizations leading in DX are less vulnerable to the pandemic and more likely to succeed in a post-pandemic world.
Security guardrails (not gates); securely connecting technology and people to business and policy
Adaptable Digital Security Management
Responding to regulatory changes and policy catch-up
Compliance
Understanding, managing and creating actionable insight from business and security relevant data
Data Explosion
Poorly integrated point solutions impacting cost, ownership and exposure
Technology Proliferation
Securing digital interactions in a shared IT responsibility model
Risk and Trust
Driving automation and orchestration
Talent Shortage
Reduce risk by discovering and managing what is really happening
Consume outcomes, built for business delivered through consulting, managed or as-a-service offerings
Reduce the reliance on scarce security skills
Comprehensive, business-aligned, digital security solutions
Reduce costs through the secure cloud, automation and consolidation
A large university has committed to providing their faculty and students the latest cutting-edge technology to create the best possible learning environment. They promised a fast, secure and reliable network across campus for every IoT and BYOD device.
Challenge
Optiv has been implementing technologies and tools such that allow students, faculty and guests to safety connect their devices to the network. With COVID-19 and the move to online learning, the campus was left vacant for Optiv to safely implementations and deploy projects ahead of schedule.
Solution
A financial services company had finalized a large acquisition in Q1 that doubled the size of its workforce. During the middle of merging applications and systems, they faced the sudden demand to deploy a remote workforce. Employee productivity was hindered due to outages and slowdowns with the existing number of licenses and VPN solutions.
Challenge
Optiv quickly worked with their security teams to determine the best approach for expanding and deploying a Zero Trust solution for all employees. We immediately enabled their workforce to securely work from home and improve their long-term security posture by enhancing their ability to improve data security, minimize lateral access, reduce threats of ransomware attacks, and shrink their attack surface.
Solution
Due to the stay-at-home orders, a large financial institution needed to quickly and dramatically ramp up their VPN technology and engineering support to handle the quick and exponential increase in their remote workforce.
Challenge
Optiv provided multiple engineers to supplement support and increased their hardware licensing to account for the additional remote users.
Solution
54% of companies made the shift to fully support a remote workforce in 0-7
days and another 25% in 8-14 days.
Source: 2020 Work from Home Cybersecurity Report
A health care organization lost their budget for additional spending and needed to reduce costs.
Challenge
Optiv leveraged our close relationship with many technology partners to find cost saving opportunities, better optimize the technologies they already own and helping create use case justifications for maintaining their current level of security technology. Our client was able to allocate the saved budget towards patient portal improvements.
Solution
Contact Us
Faced with COVID-19 related cost and budget cuts, a large healthcare system needed to enhance their technology integrations to get the most out of their existing infrastructure since purchasing new technology was not an option.
Challenge
Optiv was able to work with the client to strategize a managed technology solution that would better optimize their existing technology for their growing cloud environment. This helped accomplish the desired end-goals as well as save the client money that can now be reinvested in patient care.
Solution
Learn how our surge support offerings can help you achieve more with less.
A large US-based retailer needed to upgrade to a more advanced application security testing tool, but they did not have the staffing available for the implementation and management of the new technology.
Challenge
Optiv facilitated a managed technology solution that would result in our running their AppSec program for them so that their staff could focus on more pressing items.
Solution
NEXT
Keep Calm and Innovate On
PREVIOUS
Our New Normal
Optiv IDM Assessments and Workshops can enable organizations to start down the path of addressing these potential security gaps going forward.
Learn More
Challenge: As the number of remote workers grew at unforeseen rates - practically overnight – organizations were suddenly faced with training, resiliency and continuity challenges that stretched the limits of their current models for maintaining effective Security Operations. At the same time, they were forced to drastically adjust current staffing, but their commitments, contracts and obligations didn’t change. While still being required to maintain the confidentiality, integrity and availability of data.
Solution: As we move to the next phase of the pandemic, it’s more critical than ever that businesses have a trusted partner they can turn to for help relieving stress and strain, filling gaps, and providing timely, relevant and actionable security and threat intelligence in support of their day-to-day Security Operations. Optiv is committed to becoming an extension of your Security Operations, working closely and cohesively with them in a consultative manner to maximize value and elevate outcomes. Our 24x7 Security Operations can support, manage and monitor your security technology stacks and alleviate the pressure on your staff.
Cyber Operations: Managed Security Services Service Brief
Learn More
Cybersecurity Fundamentals
Cybersecurity Fundamentals
Cybersecurity Fundamentals
Cybersecurity Fundamentals
Challenge: Cybercriminals are going after the low hanging fruit of organizations. Attackers have been using similar tactics as before, preying on vulnerable human elements and taking advantage of the surge in digital communications with phishing scams. Most organizations were focused more on business continuity rather than risk implications during the quick shift to remote work. Some have been relying on systems and technologies that are not typically monitored or accessed remotely. As a result, known and unforeseen gaps in data security have occurred.
Solution: Organizations should continue to prepare for evolving threats and advanced attacks by hardening their security operations. Proactively taking the needed steps to protect your WFH and enterprise environments is critical to minimize risk. Evaluating your attack surface is important to reduce exposure and minimize the endpoints in your environment wherever possible. Focusing on mobile device security, social activities, network monitoring and multifactor authentication will enable security teams to react quickly.
Attack Surface Management Services Service Brief
Learn More
Challenge: In order to swiftly prepare for a remote workforce, many security teams had to initially accept a higher level of risk that should be addressed when moving into recovery mode. As you settle into new operational modes, consider the elements and concerns for managing personally identifiable information (PII) to reduce risk of not only noncompliance penalties, but also a security breach or loss of reputation and revenue.
Solution: Strategic planning for continued operational agility as well as revisiting business continuity strategies is the best approach for tackling these challenges and reducing privacy risk. Assess the controls, policies and procedures that are in place to protect data and PII and ensure they’re fully enforced and monitored in WFH scenarios. Evaluate operations for job functions by classifying and prioritizing controls and access for remote workers to reduce risk by removing unnecessary access to PII. These approaches can be highly effective in achieving a resilient, sustainable program that enables privacy and lowers risk.
Risk Transformation
and Optimization
Service Brief
Learn More
Challenge: Every aspect of how business is conducted has changed, and while you adjust, your partners are adjusting at the exact same time. The global supply chain has experienced drastic shifts while managing critical demands to continue delivering food, medical equipment and essential supplies. Some companies even converted their facilities to produce life-saving devices such as ventilators and personal protective equipment (PPE). Depending on the number of third-party suppliers you rely on, your attack surface could have exponentially expanded overnight.
Solution: It’s important to assess and review your third-party relationships to ensure they have implemented the proper security controls, secured the softer access points and mitigated all risk associated with the shift to remote working. Along with many industry experts, we recommend that you limit exposure and take a closer look at supply chain operations to mitigate risk.
2020 has been full of surprises. We might not know what the future holds, but we do know that now is the time to accelerate your digital transformation initiatives, address your biggest security challenges with the board and secure everything you need to protect your organization.
What Now?
As operations begin to settle, organizations should start to evaluate the extent to which this operational shift has impacted their overall risk profile. Risk and data security leaders should now be asking themselves things such as:
Short-term strategy
Long-term strategy
1
2
3
4
5
6
Develop a New Risk Reduction Strategy
How are employees accessing
data and do they have access to
too much?
Are we still maintaining compliance with relevant laws
and regulations?
How secure are our employees' home network setups?
How secure are our cloud environments?
What holes have we unintentionally opened in our cyber programs?
Communicating overall risk with the c-suite and board has been a persistent challenge for cybersecurity teams because these two groups typically speak different languages. As COVID-19 has created a significant shift in operations, new risks have emerged, and existing risks have intensified—impacting overall business objectives. Now, more than ever, security teams and business leaders should be tightly aligned as a robust cybersecurity strategy is critical for businesses to endure this pandemic.
In order to have a productive conversation with business leaders, security professionals need to effectively communicate security issues and present necessary actions required to maintain a healthy security posture, so the business can focus on what matters most.
Strategize with The Board –
You Have Their Full Attention
We provide expertise, staffing and technology to ensure immediate, short-term business continuity or to build in-house knowledge through ongoing security awareness training.
Learn More
We are all aware there is no vaccine or cure for COVID-19 at this time and that another round of resurgence could easily follow any rebound we see. Optiv provides resilient security solutions that can quickly be brought into current business and operating models.
Strengthen Security Operations
Optiv’s Security Operations Team is here to assist clients to become more organized, agile and proactive while improving time to respond and mitigation, providing coordinated efforts to stabilize and strengthen their Security Operations. We’re can help clients build resilience and strengthen their security posture. Optiv has the experience, resources, response plans and protocols that help clients quickly and effectively manage risks and maintain a strong cybersecurity posture. By leveraging our security expertise and proven cybersecurity solutions, clients can keep their focus on their core strengths and defining their new normal.
64%
NEXT
What's Next
PREVIOUS
Keep Calm and Innovate On
Sources: 2019–2020 NACD Public Company Governance Survey
Even before the COVID crisis, Boards of Directors were keenly focused on digital transformation and understanding the resulting impact on cyber risk. In fact, only 64% of directors said their board's understanding of cyber risk was strong enough to provide effective oversight.
Check Out Tips for Getting the Board on Board with Security Risk
Fluid attack surfaces
Download
Communication plans
Executive-level advisory
Develop or revise plans
Remote Workforce
CRISIS MANAGEMENT
1
2
3
Download
4
5
6
•
•
•
•
Evaluate and coordinate for stop-gap measures in reporting
Compliance
Business impact analysis of temporary operational models
Optimize BC plans that may not address rapid workplace changes
Determine key personnel, data and systems required to sustain/maintain new normal
•
•
•
Business Continuity
Evaluate and quantify changes to profile due to rapid change
Identify and prioritize high risks to ops due to workforce reductions
•
•
Remote Workforce
Evaluate contractual language for the inclusion of an alternate mode of operations (BC for third parties)
Evaluate assessment program for the ability to re-assess and monitor during crisis-level operational modes
•
•
Third-Party Risk Management
Evaluate adaptability of policies, processes and procedures to allow for recurrence of future crisis-level operational shifts
Revise programs to enable rapid transfer between operational modes and dual-mode capability
Evaluate proper staffing, roles and responsibilities
•
•
•
Security Program Optimization
Security
Operations
Security
Operations
Security
Operations
Security
Operations
Identity and
Data Management
Identity and
Data Management
Identity and
Data Management
Identity and
Data Management
Identity and
Data Management
Security
Operations
Security
Operations
Security
Operations
Security
Operations
It’s easy to know what the right thing would’ve been to do after something has already happened, but it’s hard to predict the future.
The world, businesses and lives have changed in ways that very few had seriously considered. During the chaotic start of the pandemic, many organizations scrambled to deploy a remote workforce and maintain business continuity. However, few were preparing for the impact that these drastic changes would have on their cybersecurity program.
Now that the dust is settling, it’s important to revisit your cybersecurity strategies and vigilantly plan for the unknown. Whether you decide to return to normal, shift to a new normal or adopt a hybrid model, it’s critical to review cybersecurity fundamentals to achieve a resilient cybersecurity strategy.
Identity and Data Management
Challenge: The massive shift to WFH has made securing an organization’s identity and data more critical now than ever before. Going forward, it’s imperative for organizations to re-assess their Identity and Data Management (IDM) strategy, policies and processes as their prior implementations and standards may no longer be viable or ensure the same level of security.
Solution: Addressing remote access privileges, protection of data throughout its lifecycle, identity governance and third-party access should be a top priority. Tackling these items first will ensure the highest level of security while continuing to empower organizations to maximize their data and provide employees seamless access to the systems they need to be successful.
Source: 2020 Work from Home Cybersecurity Report
Security Operations
Source: 2020 Work from Home Cybersecurity Report
Threat Management
Privacy and Risk
Gartner says 52% of legal and compliance leaders are concerned about third-party cybersecurity risk since COVID-19.
Source: Gartner
Implications for Third Party Risk
Challenge: As the number of remote workers grew at unforeseen rates - practically overnight – organizations were suddenly faced with training, resiliency and continuity challenges that stretched the limits of their current models for maintaining effective Security Operations. At the same time, they were forced to drastically adjust current staffing, but their commitments, contracts and obligations didn’t change. While still being required to maintain the confidentiality, integrity and availability of data.
Solution: As we move to the next phase of the pandemic, it’s more critical than ever that businesses have a trusted partner they can turn to for help relieving stress and strain, filling gaps, and providing timely, relevant and actionable security and threat intelligence in support of their day-to-day Security Operations. Optiv is committed to becoming an extension of your Security Operations, working closely and cohesively with them in a consultative manner to maximize value and elevate outcomes. Our 24x7 Security Operations can support, manage and monitor your security technology stacks and alleviate the pressure on your staff.
Challenge: Cybercriminals are going after the low hanging fruit of organizations. Attackers have been using similar tactics as before, preying on vulnerable human elements and taking advantage of the surge in digital communications with phishing scams. Most organizations were focused more on business continuity rather than risk implications during the quick shift to remote work. Some have been relying on systems and technologies that are not typically monitored or accessed remotely. As a result, known and unforeseen gaps in data security have occurred.
Solution: Organizations should continue to prepare for evolving threats and advanced attacks by hardening their security operations. Proactively taking the needed steps to protect your WFH and enterprise environments is critical to minimize risk. Evaluating your attack surface is important to reduce exposure and minimize the endpoints in your environment wherever possible. Focusing on mobile device security, social activities, network monitoring and multifactor authentication will enable security teams to react quickly.
Challenge: In order to swiftly prepare for a remote workforce, many security teams had to initially accept a higher level of risk that should be addressed when moving into recovery mode. As you settle into new operational modes, consider the elements and concerns for managing personally identifiable information (PII) to reduce risk of not only noncompliance penalties, but also a security breach or loss of reputation and revenue.
Solution: Strategic planning for continued operational agility as well as revisiting business continuity strategies is the best approach for tackling these challenges and reducing privacy risk. Assess the controls, policies and procedures that are in place to protect data and PII and ensure they’re fully enforced and monitored in WFH scenarios. Evaluate operations for job functions by classifying and prioritizing controls and access for remote workers to reduce risk by removing unnecessary access to PII. These approaches can be highly effective in achieving a resilient, sustainable program that enables privacy and lowers risk.
Challenge: Every aspect of how business is conducted has changed, and while you adjust, your partners are adjusting at the exact same time. The global supply chain has experienced drastic shifts while managing critical demands to continue delivering food, medical equipment and essential supplies. Some companies even converted their facilities to produce life-saving devices such as ventilators and personal protective equipment (PPE). Depending on the number of third-party suppliers you rely on, your attack surface could have exponentially expanded overnight.
Solution: It’s important to assess and review your third-party relationships to ensure they have implemented the proper security controls, secured the softer access points and mitigated all risk associated with the shift to remote working. Along with many industry experts, we recommend that you limit exposure and take a closer look at supply chain operations to mitigate risk.
Develop A New Risk
Reduction Strategy
As operations begin to settle, organizations should start to evaluate the extent to which this operational shift has impacted their overall risk profile.
Through 2021, enterprises that rapidly expand remote access without implementing MFA will experience five times as many account takeover incidents as those that use MFA.
Source: Gartner
Third-Party Risk Management
Security Program Optimization
•
•
long-TERM STRATEGY
Strengthen Security Operations
Optiv’s Security Operations is here to assist you to become more organized, agile, and proactive while improving time to respond and mitigation, providing coordinated efforts to stabilize and strengthen their Security Operations.
We provide expertise, staffing and technology to ensure immediate, short-term business continuity or to build in-house knowledge through ongoing security awareness training.
View Infographic
Strategize with The Board – You Have Their Full Attention
In order to have a productive conversation with business leaders, security professionals need to effectively communicate security issues and present necessary actions required to maintain a healthy security posture, so the business can focus on what matters most.
Security teams should evaluate approaches to maximize their existing investments and breakdown technology silos. By augmenting technical resources, implementing managed security services or consolidating security technology vendors, organizations can achieve more with less.
Conduct a Work from Home Assessment to diagnose any risk deviations caused by rapid shifts in workforce operations.
Oh, the generalities are easy enough to see … but the burning questions, like, “how extensive and lasting will the damage be when this is over and done with?”, and, “when, exactly, will this be over and done with?” loom over us with no clear answer in sight.
No Magic 8-Ball and no Zoltar to consult. Just the eternal, opaque, oncoming wall of the future - inscrutable and silent … and offering few clues as to what’s behind it.
But. But, but, but - that doesn’t mean that there aren’t ways with which we can deal with the future and prepare for the unknown.
Using technology as an example, consider this quote from John Perry Barlow, Co-Founder of the Electronic Frontiers Foundation and Grateful Dead lyricist [emphases added]:
What’s Next? See, that’s the thing…
we don’t know. No one does.
70% of respondents expect the COVID-19 crisis will necessitate significant changes in their IT and security environments in 2021.
Source: Dark Reading
55% say the pandemic
will fundamentally change their organizations’ computing and data-security strategies over the long-term.
Source: Dark Reading
I look at confusing circumstances as an opportunity – but not everybody feels that way. That’s not the standard neurotic response. We’ve got a culture that’s based on the ability of people to control everything. Once you start to embrace confusion as a way of life, concomitant with that is the assumption that you really don’t control anything. At best it’s a matter of surfing the whitewater.
-John Perry Barlow
We do know that in order to succeed in the face of chaos and uncertainty, you should be flexible and open – like water – both in perspective and action. Avoid rigidity, because when one comes at tumultuous and ambiguous situations with a tunnel-visioned, cookie-cutter solution in hand, that’s when turmoil takes the day and extreme breakage goes down … hard, fast and unforgiving – no do-over, no ‘reset’ button.
We also know that you’ve been preparing new defense strategies, embracing new technologies and maybe even a new business model—but have you assessed how these fundamental changes are introducing new risks?
69% of boards of directors accelerated their digital business initiatives in the wake of
COVID-19 disruption and nearly 50% anticipate changing their organizations’ business model as a result of the pandemic.
Source: Gartner 2021 Board of Directors Survey
Risk and data security leaders are now asking themselves things such as:
How are employees accessing
data and do they have access to
too much?
Are we still maintaining compliance with relevant laws
and regulations?
How secure are our employees' home network setups?
How secure are our cloud environments?
What holes have we unintentionally opened in our cyber programs?
PREVIOUS
Hindsight is 2020
76
%
of organizations say remote work would extend the time to detect and contain a potential data breach.
Source: Ponemon Cost of a Data Breach Report 2020
70
%
expect remote work to increase the cost of a data breach.
Source: Ponemon Cost of a Data Breach Report 2020
65
%
of organizations are allowing employees to access managed applications from personal, unmanaged devices.
Source: Cybersecurity Insiders 2020 Remote Workforce Security Report
Our Work from Home Assessment eliminates this turmoil and provides clarity to prepare your business for whatever is next.
That’s how Optiv deals with a hulking, uncertain future, whether it’s massive-fast technological evolution or a global pandemic (or whatever other Black Swans may emerge). We observe, adapt, evolve and act.
We deliver the precise expertise of the specialist while seeing the vast potential of the strategic landscape through the lens of the expert generalist.
COVID-19 is still in stride. To help on that front, we’ve assembled a page of resources for your consideration and use. We are here to help you be like the water and together, we will surf the whitewater ahead.
Learn More
“Surfing the whitewater.” Worth noting. Speaking of water:
Be like water making its way through cracks. Do not be assertive, but adjust to the object, and you shall find a way around or through it. If nothing within you stays rigid, outward things will disclose themselves.
-Bruce Lee
What’s Next? See, that’s the thing… we don’t know. No one does.
Oh, the generalities are easy enough to see … but the burning questions, like, “how extensive and lasting will the damage be when this is over and done with?”, and, “when, exactly, will this be over and done with?” loom over us with no clear answer in sight.
No Magic 8-Ball and no Zoltar to consult. Just the eternal, opaque, oncoming wall of the future - inscrutable and silent … and offering few clues as to what’s behind it.
But. But, but, but - that doesn’t mean that there aren’t ways with which we can deal with the future and prepare for the unknown.
70% of respondents expect the COVID-19 crisis will necessitate significant changes in their IT and security environments in 2021.
Source: Dark Reading
We do know that in order to succeed in the face of chaos and uncertainty, you should be flexible and open – like water – both in perspective and action. Avoid rigidity, because when one comes at tumultuous and ambiguous situations with a tunnel-visioned, cookie-cutter solution in hand, that’s when turmoil takes the day and extreme breakage goes down … hard, fast and unforgiving – no do-over, no ‘reset’ button.
We also know that you’ve been preparing new defense strategies, embracing new technologies and maybe even a new business model—but have you assessed how these fundamental changes are introducing new risks?
COVID-19 is still in stride. To help on that front, we’ve assembled a page of resources for your consideration and use. We are here to help you be like the water and together, we will surf the whitewater ahead.
Our Work from Home Assessment eliminates this turmoil and provides clarity to prepare your business for whatever is next.
That’s how Optiv deals with a hulking, uncertain future, whether it’s massive-fast technological evolution or a global pandemic (or whatever other Black Swans may emerge). We observe, adapt, evolve and act.
We deliver the precise expertise of the specialist while seeing the vast potential of the strategic landscape through the lens of the expert generalist.
Learn More