Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/16/2016
03:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Optiv Security Launches Technology-Enabled Third-Party Risk Managed Service

Enables Companies to Better Manage Entire Vendor, Supplier and Business Associate Risk Management Lifecycles, Improving Compliance and Risk Management

Denver – September 13, 2016 – Optiv Security, a market-leading provider of end-to-end cyber security solutions, today announced the general availability of its technology-enabled third-party risk managed service. Leveraging Optiv’s proven Software-as-a-Service based third-party risk management platform, Evantix, this service enables companies to better manage the complete third-party risk management lifecycle, resulting in improved compliance and risk management. The addition of this offering to Optiv’s suite of services makes Optiv the first and only company to offer a holistic solution that can help organizations better plan, develop and manage all aspects of their third-party risk management programs, including vendors, suppliers and business associates.

Optiv’s third-party risk managed service handles the process and reporting required for clients to determine the inherent risk, assess the controls and drive remediation with their vendors and partners. Optiv delivers this service through consultants with extensive expertise in building third-party risk programs and performing third-party risk assessments combined with the Evantix SaaS platform, currently in its fourth generation. This powerful technology solution includes standardized, on-demand risk score reports and customizable scoring technology to provide corporate risk managers and IT security professionals with quick, accurate and cost-effective visibility into the potential risk associated with outside service providers. Optiv’s innovative approach leveraging people, process and technology to deliver its third-party risk managed service helps companies better manage the entire third-party risk management lifecycle, which includes due diligence, assessment, validation and remediation.

“Organizations are increasingly turning to third parties to perform key business functions. That brings an increased risk of exposure to businesses as most companies lack visibility into where their data is stored or how it is handled by a third party,” said Tim Hoffman, executive vice president of client solutions for Optiv. “Today’s businesses require strong third-party risk plans that extend beyond traditional IT, yet most lack the necessary resources to create and execute on those plans. Optiv has the capabilities to help clients address and manage their vendor and partner risk through a comprehensive approach that includes people, process and technology.”

“The Optiv third-party risk managed service provides clients with a method to automate processes and reduce their staff’s major workload related to tracking and assessing the organization’s vendors and partners,” said James Christiansen, vice president of information risk management for Optiv. “Also, our Evantix platform’s advanced analytics provides third-party risk intelligence information to help clients make informed and consistent risk decisions related to vendor, supplier and business associate relationships.”

Optiv’s comprehensive suite of third-party risk management offerings help organizations understand the breadth of third parties in their environment, categorize relationships by risk to the organization, conduct risk assessments aligned to specific industry standards and develop the compliance criteria vendors must meet to do business with the organization.

About Optiv Security
Optiv is a market-leading provider of end-to-end cyber security solutions. We help clients plan, build and run successful cyber security programs that achieve business objectives through our depth and breadth of cyber security offerings, extensive capabilities and proven expertise in cyber security strategy, managed security services, incident response, risk and compliance, security consulting, training and support, integration and architecture services, and security technology. A Blackstone (NYSE: BX) portfolio company, Optiv maintains premium partnerships with more than 300 of the leading security technology manufacturers. For more information, visit www.optiv.com or follow us at www.twitter.com/optiv,www.facebook.com/optivinc and www.linkedin.com/company/optiv-inc

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-36197
PUBLISHED: 2021-05-13
An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnerability allows attackers to compromise the security of the software by gaining privileges, reading sensitive information, executing commands, evading detection, etc. This ...
CVE-2020-36198
PUBLISHED: 2021-05-13
A command injection vulnerability has been reported to affect certain versions of Malware Remover. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Malware Remover versions prior to 4.6.1.0. This issue does not affect: QNAP...
CVE-2021-28799
PUBLISHED: 2021-05-13
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to v3...
CVE-2021-22155
PUBLISHED: 2021-05-13
An Authentication Bypass vulnerability in the SAML Authentication component of BlackBerry Workspaces Server (deployed with Appliance-X) version(s) 10.1, 9.1 and earlier could allow an attacker to potentially gain access to the application in the context of the targeted user’s acco...
CVE-2021-23134
PUBLISHED: 2021-05-12
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.2 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.