External penetration testing can mean one of two things: A penetration test conducted against your external attack surface (that is, a test of how a malicious actor might get in) or any penetration test conducted by a 3rd (external) party, rather than by your internal security team. This article is a detailed guide to the …
External Penetration Testing: What to Know Before You Engage Read More »
In the last 12 months, Penetration Testing as a Service has exploded in popularity. Is that because it’s a better business model for penetration testing vendors? Or because there’s more security and business value in the practice for companies? That’s what I set out to explore in this article. Below, I’ve outlined what exactly PTaaS …
Penetration Testing as a Service: Is it a Viable Option? Read More »
ISO 27001 is a robust security framework that comprehensively evaluates and certifies an organization’s security posture. What does it have to say about an organization’s exposure to security vulnerabilities? What requirements are there for ISO 27001 penetration testing? In this article, I’ll work to answer those questions and more. My goal is to demystify ISO …
Should You Do Penetration Testing for ISO 27001? A CISO Explains Read More »
There’s no debate on this one: Penetration testing is crucial for SaaS companies. It’s only in the details that arguments arise: How often should you test your app? What should be in scope? Which vendor should you use? How much should you spend? It is those questions that we will seek to answer in this …
Proper Penetration Testing for SaaS Companies: Tips & Cost Read More »
Many healthcare providers, covered entities, and business associates are unclear about whether they need penetration testing for HIPAA compliance. As a healthcare industry CISO, this has never surprised me: The documentation on this point is at times unclear, and even compliance consultants have been known to advise on it inaccurately. In this article, I’ll attempt …
Penetration Testing for HIPAA: Requirements, Costs & More Read More »
Penetration testing is an imposing term. A lot of small businesses don’t understand what it is, why they need it, or how much it costs. Or if they do, they understand the consequences: expensive technology investments. Consequently, penetration testing is a daunting proposition. What many a small company doesn’t understand is that their business’ success …
Penetration Testing for Small Business: The What, Why & How Much Read More »
If you’re asking this question, it’s usually for one of two reasons: I get it. Pen tests can be a daunting proposition. They can be expensive and they reveal security weaknesses. They’re also critical for driving and developing attack-resistant security strategy. As a CISO, I believe a penetration test is a vital tool for any …
Why Do We Need Penetration Testing? For These 4 Reasons Read More »
In a 2023 survey of cybersecurity leaders, 51% said they believe an AI-based tool like ChatGPT will be used in a successful data breach within the next year. There is no question that AI tools pose cybersecurity risks, and as such, keeping an eye on exactly how they are being used by malicious actors is …
ChatGPT Already Involved in Data Leaks, Phishing Scams & Malware Infections Read More »
In which U.S. state is the average resident most likely to have their identity stolen? That’s the question we set out to answer in this data study. Some people think a higher population inevitably leads to higher cases of identity theft. More residents mean more identities to steal. As cybersecurity professionals, we had a different …
The 10 Worst U.S. States For Identity Theft [Data Study] Read More »
Once again in 2022, the theft of Americans’ data through cyberattacks was consistent. And the moments when the highest number of citizens are at risk, are after corporate data breaches. These incidents that expose thousands – in some cases millions – of people’s personal data to criminals, cannot be studied in enough detail. Are data …
The 10 Worst States in the U.S. for Data Breaches [Data Study] Read More »
