Optiv, a Top 100 MSSP for 2017, has launched Assessments@Optiv, a portfolio some 60 assessment services designed to help organizations build risk-centric cyber security programs that are manageable, measurable and effective.
The idea, Optiv said, is to address every aspect of security and risk and tie in the MSSPs strategic guidance. Ultimately, Optiv wants the service lineup to help organizations prioritize the assessments that best fit their specific business needs.
“Assessments are an essential building block in every client’s security foundation, but with the constantly growing list of cyber threats, regulations and vendor security solutions, the traditional method of simply ‘checking every assessment box’ is ineffective and often becomes a waste of time and resources,” said Stu Solomon, chief technology and strategy officer at Optiv. “By partnering with a client in this way, we can develop an optimal and focused security program reflective of specific businesses requirements,” he said.
Optiv Assessment Services: Core Components
Optiv’s portfolio of assessment services is grouped by major industry frameworks and security initiatives, including architecture implementation, attack and penetration, enterprise incident management, application security, strategy, risk and compliance and identity and access management.
Solomon said Optiv’s goal is to “help our clients create clarity out of the security chaos.” The first step with Assessments@Optiv is to understand the client’s business needs and take stock of their current security programs. The standard cyber security assessments tend to concentrate on regulatory compliance and gap analysis but Optiv takes it a bit farther, the company said. Its assessment vehicle includes:
Technology, architecture: Proof of concept, technology stack optimization, product tuning and health, best practice deployments.
Regulatory requirements: Supports compliance with all key regulations, including SOX, GDPR, PCI, HIPAA/HITECH, NY DFS.
Security frameworks, standards: Provides comprehensive risk assessments across all major industry frameworks, including NIST CSF, COBIT, ISO, CIS Top20 and HITRUST.
Security operations: Assess security operations effectiveness for internal operations, in the cloud, or through an MSSP.
Security threats, strategy: Advanced threat intelligence and strategy services provides context and real-world examples for client assessment activities.
Business alignment, security program effectiveness: Provides templates and language that make it easy to communicate security assessment action items and deliverables to key stakeholders.
Optiv: On the Move
In addition to the Assessments@Optiv initiative, Optiv has been busy this year. In late January, the pure play security specialist initiated a concerted push into the European market, helmed by Simon Church, an M&A veteran hired to run the operation. That followed on the heels of Optiv’s promoting Solomon, a 20-year veteran who’s been with the firm for more than two years, to the chief technology and strategy officer post while simultaneously opening a new unit dedicated to the partner’s strategies and product and service offerings.
Late last year, Optiv acquired Decision Lab, a big data, automation and orchestration services company with security expertise.