Optiv Security debuts comprehensive assessments line; boosts strategy for enterprises to rationalize and optimize cyber security

Optiv Security announced this week Assessments@Optiv, a comprehensive portfolio of assessment services designed to help organizations rationalize infrastructure, optimize operations, and build risk-centric cyber security programs that are manageable, measurable and effective.

Assessments@Optiv addresses every aspect of security and risk, with strategic guidance to help organizations prioritize the assessments that best fit specific business needs. It also provides clients with access to more than 60 assessments, organized across all major industry frameworks, and security initiatives – from architecture and implementation, attack and penetration, and enterprise incident management to appsec, strategy, risk and compliance, and identity and access management.

While typical industry assessments tend to center on regulatory compliance and gap analysis, Assessments@Optiv expands this ecosystem to include the following areas that can be customized with an assessment lifecycle to fit specific enterprise needs. Based on wide-ranging expertise across the IT security product ecosystem, Assessments@Optiv includes proof of concept, technology stack optimization, product tuning and health, and best practice deployments.

Assessments@Optiv supports compliance with various regulations, including SOX, GDPR, PCI, HIPAA/HITECH and NY DFS.

Assessments@Optiv provides comprehensive risk assessments across all major industry frameworks, including NIST CSF, COBIT, ISO, CIS Top20 and HITRUST. Optiv is able to assess security operations effectiveness whether operations are internal, in the cloud, or through a third-party managed security services provider.

The company’s advanced threat intelligence and strategy services provide context and real-world examples for client assessment activities. Optiv provides templates and language that make it easy to communicate security assessment action items and deliverables to key stakeholders.

“Assessments are an essential building block in every client’s security foundation, but with the constantly growing list of cyber threats, regulations and vendor security solutions, the traditional method of simply ‘checking every assessment box’ is ineffective and often becomes a waste of time and resources,” said Stu Solomon, chief technology and strategy officer at Optiv. “With Assessments@Optiv, we are taking a different approach. We start by understanding the client’s unique business needs and then take inventory of their current security programs. By partnering with a client in this way, we can develop an optimal and focused security program reflective of specific businesses requirements. This typically results in an optimization of current security investments, a higher degree of security efficacy, meaningful prioritization of future security program activities, and the ability to report on the effectiveness of security investments to the board. Our objective is really to help our clients create clarity out of the security chaos.”

Solomon explained that conducting the right set of assessments is crucial to producing the information needed to make better decisions about technology procurement and rationalization, operations and process optimization, and enterprise risk management. This also breaks companies out of the failed “outside-in” security model where budget decisions are dictated by external influences, factors, threats, and regulations, and replaces it with the risk-centric “inside-out” model where cyber security decisions are based on a foundation of each company’s unique business requirements, and strategic enterprise risk management.


IoT Innovator Newsletter

Get the latest updates and industry news in your inbox! Enter your email address and name below to be the first to know.