March 31, 2021
DENVER – March 30, 2021 – Optiv Security, a security solutions integrator delivering end-to-end cybersecurity solutions, today unveiled its Enterprise Internet of Things (IoT) Lab in response to a growing and ever-present pain point for client security leaders – the proliferation of IoT devices on organizational networks. Chief information security officers (CISOs) are dealing with sizeable blind spots and have expressed the clear need for support in discovering those devices and bringing them into their existing vulnerability management programs with an expanded objective of total network protection that goes beyond simple device discovery and assessment. Optiv’s Enterprise IoT Lab will:
Show organizations how to discover IoT devices present in their environment, assess devices for vulnerabilities, and mitigate outstanding security issues.
Provide a baseline platform for development of automated vulnerability management and incident response solutions for IoT.
Position IoT/OT/ICS security solutions where their integrations into other technologies can be developed and tested end-to-end.
“Current technologies focused on traditional network assets can fall short when trying to assess IoT targets, and solutions focused on the OT/ICS space don’t always integrate with the enterprise vulnerability management solutions,” said Sean Tufts, practice director, IoT Security, Optiv. “We’re now able to prove out these solutions in an environment that provides access to a wide spectrum of partner technologies.”
Optiv has partnered with Palo Alto Networks, Tenable, and Armis to highlight how these solutions react in a real-world environment of live devices. In addition, Gigamon has been leveraged to enable each solution’s monitoring requirements.
"Our Unit 42 IoT threat research, based on analysis of 1.2 million devices, found that nearly 98 percent of IoT traffic is unencrypted and more than half of all IoT devices are susceptible to severe cyber-attacks. This is why a prevention-first approach is the need of the hour instead of alert-only solutions,” said Muninder Singh Sambi, senior vice president, product management, Palo Alto Networks. "Optiv’s Enterprise IoT Lab is a welcomed development.”
The Lab will drive solutions from real-world sources and/or data supplied from a client environment. More than 50 common corporate IoT targets are in the environment and will be tested and demonstrated on to highlight vulnerability management best practices in live-time as they relate to source (insiders, third parties, bad actors) and threat (unsecured remote access, weak passwords, legacy technologies, pre-installed spyware, hackable devices).
“Optiv has substantial experience in embedded device vulnerability analysis,” said Mark Thurmond, chief operating officer, Tenable. “We’re excited to be a part of Optiv’s IoT lab to lend our converged IT/OT expertise in exploitation techniques and best practices to continue driving innovation in the IoT security space for our shared clients.”
For more information about Optiv’s IoT security services, visit Optiv IoT.
Optiv Security: Secure your security.TM
Optiv is a security solutions integrator – “one-stop” trusted partner with a singular focus on cybersecurity. Our end-to-end cybersecurity capabilities span risk management and transformation, cyber digital transformation, threat management, cyber operations, identity and data management, and integration and innovation, helping organizations realize stronger, simpler and more cost-efficient cybersecurity programs that support business requirements and outcomes. At Optiv, we are modernizing cybersecurity to enable clients to innovate their consumption models, integrate infrastructure and technology to maximize value, achieve measurable outcomes, and realize complete solutions and business alignment. For more information about Optiv, please visit us at www.optiv.com.
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023