Area Vice President & Country General Manager, Optiv
Executive Director, Office of the CISO, Optiv
Director, Client Solutions, Optiv
Most companies know the importance of cybersecurity, but can’t find the skilled resources to help. Meet Optiv — the cyber advisory and solutions leader.
Cyber threats lurk everywhere and threat actors grow more sophisticated each day. No Canadian organization is immune to potential ransomware attacks, malware, phishing schemes, and data breaches. Well-versed and up-to-date on the latest attack methods, many cyber attackers have a big advantage by using even more advanced tools than company IT administrators use in searching for vulnerabilities to exploit.
According to Statistics Canada, about one fifth of Canadian businesses were affected by cybersecurity incidents in 2019. In the same year, over 43 percent of large businesses, 29 percent of medium-sized businesses, and 18 percent of small businesses had some form of a cybersecurity incident.
The impacts in terms of business disruption, lost revenue, productivity, and reputational damage are huge — not to mention the forensic, insurance, and legal costs.
Optiv, a cyber solutions integrator
Optiv Canada works with organizations of all sizes to develop, optimize, implement, and run their cybersecurity programs. Based in Toronto, Optiv Canada is the Canadian subsidiary of Optiv Security — a U.S. cybersecurity solutions integrator founded over 20 years ago and headquartered in Denver, Colorado. Globally, Optiv Security provides cybersecurity consulting, assessments, products, and services to over 7,000 business and government clients, has over 2,200 employees, and partners with over 400 vendors.
“We launched Optiv Canada in 2016 and then expanded in the market in 2017 through the acquisition of Conexsys Communications Ltd., an established Canadian security and networking solutions provider,” says Cheryl McGrath, Area Vice President and Country General Manager, ICD.D at Optiv Canada. Today Optiv Canada is Optiv’s fastest-growing entity, having achieved a top ranking with large Canadian companies in identity and access management (IAM), risk management; digital transformation, devsecops, AI, and security operations.
One thing I’ve observed advising organizations across Canada on their cybersecurity plans and programs is that every organization can use help in one way or another.
Optiv Canada continues to focus on expanding its in-country service capabilities to meet the demands of Canadian public and private sector organizations from coast to coast, drawing on its global capacity and international experience as needed. “Additionally, we deliver security-cleared resources to clients in the Canadian federal government and other environments where information security is paramount,” says McGrath.
Meeting organizational needs of any size, risk level, and point in cyber journey
“One thing I’ve observed advising organizations across Canada on their cybersecurity plans and programs is that every organization can use help in one way or another,” says Michael Doucet, Executive Director of the Office of the CISO (Chief Information Security Officer) with Optiv.
But lack of resources makes that challenging, especially for medium-sized companies, which may not be able to build those capabilities internally. “Even big banks with 300 or 400 cybersecurity specialists on staff may not have enough in-house resources to address the rapidly-morphing cyber landscape,” says McGrath.
That’s where Optiv comes in. With its strong bench of cybersecurity talent, deep expertise, and access to broad cyber resources, Optiv Canada can meet the needs of organizations of any size wherever they are — regardless of their risk level or place in their cyber journey. “We deal with entities across the country of every size, from the largest federal government departments, public sector clients, and large banks to mid-sized organizations,” says McGrath.
Under its advisory, strategy, and consulting umbrella, Optiv Canada offers several practice areas, including cyber digital transformation, identity and data management, risk management, security operations, threat management, and integration and innovation services. “Essentially, we go to clients and build cybersecurity roadmaps, strategies, and anything else they need to build their cybersecurity ecosystem,” says McGrath. “We also spend a lot of time talking to Boards of Directors, because they’re ultimately responsible for reviewing the enterprise risk plan and portfolio for the organizations they oversee.” says McGrath.
Complementing the advisory, strategy, and consulting umbrella is the technical umbrella, under which Optiv operationalizes and runs the programs it advises on, drawing from over 400 of its vetted and tested cybersecurity partners.
Managed services give companies predictability with cybersecurity programs
A key Optiv differentiator is the ability to offer advice and implementation in a one-stop shop. “We help come up with the road map and strategy, and then take it to the next level to help organizations build, implement, and even run their cybersecurity programs,” says McGrath. Through its managed services offering, Optiv provides its own staff to manage an organization’s entire cybersecurity program, or a portion of it, as they wish. “Being able to do that 24/7 for a medium-sized organization gives them a level of predictability in the deployment of their cybersecurity activities,” says Doucet.
Another differentiator is Optiv’s approach. Many companies take a threat-centric, “outside-in” approach, focusing first on identifying specific threats and then reacting with technology procurement. Optiv instead takes a proactive and strategic “inside-out” approach to cybersecurity, starting with risk mitigation and building out from there with strategy, infrastructure rationalization, operations optimization, and ongoing measurement. “This is far more effective at reducing current and future risk than the threat-centric approach,” says McGrath. “We also focus on building a future-ready mindset within the organization, using a holistic approach from the mailroom to the boardroom.” Optiv believes the critical attributes needed to create and support that mindset are Clarity, Foresight, Agility, and Resilience.
A key tool in helping clients be future-ready is Optiv’s MXDR (Managed Extended Detection and Response), a comprehensive, cloud-based threat detection and response service that automates incident investigation by ingesting data across various layers and sources. “The idea of being able to use everything in your environment as a sensor to detect potential security threats and incidents and monitor it is very important in our industry right now,” says Philip Solakov, Director of Client Solutions at Optiv Canada. “Our MXDR service enables us to collect information from anywhere and everywhere and perform a comprehensive analysis across a customer’s entire threat surface, prioritizing alarms, investigating events, and managing incidents.”