'We found a server under the candy smelter!' Optiv boss talks about the sticky side of enterprise security
Optiv exec Sean Tufts said that implementing security in the field isn't always a glamorous task
Securing the IT and OT infrastructure of modern business is not always a glamourous task, to say the least.
Sean Tufts, managing partner at cybersecurity firm Optiv, told The Stack that most days managing a company's network security is a matter of picking which issue is the top priority and what can wait.
"You're usually measuring risk, and you're measuring what can get done," Tufts explained.
"Sometimes there is some soft-scale stuff than can be done instead of a big bad deployments."
Speaking to The Stack, the tech boss said that running a cybersecurity provider is often a matter of taking care of the most practical dangers rather than what might be the biggest risks on paper.
This can mean managing network threats that are comprised of active APT groups, or it can mean telling a company that they have been infiltrated by hackers years ago who still comfortably operate on the network.
What really matters, says the exec, is addressing the most apparent threat and closing off the most glaring attack vectors.
"More often than not they can only do one or two things well," Tufts explained.
"Any big company can only take on one or two projects a year and it is really hard to get everywhere. You're usually measuring risk."
In some 11 years since its founding, Optiv has established itself in the security services market and, in particular, made a name for itself providing security to companies that might not have otherwise been seen as being in the market for cybersecurity in Operational Technology (OT) environments.
Working with OT means having to make adjustments that might not have been foreseen by IT network planners, as well as working with the knowledge that what would be considered routine downtime with an IT network is a catastrophic event in the world of OT.
"The hardest part is the response," said Tufts.
"If your Network Provider had a malware thing go on, you would shut everything down in IT. You don't do that in OT."
While securing climate-controlled databases is all good and well, Tufts said that the really compelling cases for his company come when providing services in unconventional situations such as factories and industrial floors.
In one case, the security firm found that it would have to deal with a deployment that was taking place under a working oven and ..err.. a sticky situation.
"We found an Active Directory server underneath the candy smelter," he recounted.
"There was one server where we had to go in with a cardboard box because it was getting soaked with corn syrup."
Tufts said that providing cybersecurity happens best when the client is open and willing to take suggestions and adapt to the changing environment.
"You look for culture; is this person set up to change a process?" he explained.
"A lot of times that is 'no'. When it is 'yes' then you work with them to find the corporate objectives..."