When Information Technology and Information Security leaders want to test the security weaknesses and cyber resilience of their organization, they turn to penetration testing. There is no better way of validating organizational security posture than by running pen tests. What is a pen test? Why would you want to conduct internal pen tests instead of […]
Internal Penetration Testing: The What, When & Why You Should Do It Read More »
External penetration testing can mean one of two things: A penetration test conducted against your external attack surface (that is, a test of how a malicious actor might get in) or any penetration test conducted by a 3rd (external) party, rather than by your internal security team. This article is a detailed guide to the
External Penetration Testing: What to Know Before You Engage Read More »
In the last 12 months, Penetration Testing as a Service has exploded in popularity. Is that because it’s a better business model for penetration testing vendors? Or because there’s more security and business value in the practice for companies? That’s what I set out to explore in this article. Below, I’ve outlined what exactly PTaaS
Penetration Testing as a Service: Is it a Viable Option? Read More »
ISO 27001 is a robust security framework that comprehensively evaluates and certifies an organization’s security posture. What does it have to say about an organization’s exposure to security vulnerabilities? What requirements are there for ISO 27001 penetration testing? In this article, I’ll work to answer those questions and more. My goal is to demystify ISO
Should You Do Penetration Testing for ISO 27001? A CISO Explains Read More »
There’s no debate on this one: Penetration testing is crucial for SaaS companies. It’s only in the details that arguments arise: How often should you test your app? What should be in scope? Which vendor should you use? How much should you spend? It is those questions that we will seek to answer in this
Proper Penetration Testing for SaaS Companies: Tips & Cost Read More »
Many healthcare providers, covered entities, and business associates are unclear about whether they need penetration testing for HIPAA compliance. As a healthcare industry CISO, this has never surprised me: The documentation on this point is at times unclear, and even compliance consultants have been known to advise on it inaccurately. In this article, I’ll attempt
Penetration Testing for HIPAA: Requirements, Costs & More Read More »
Penetration testing is an imposing term. A lot of small businesses don’t understand what it is, why they need it, or how much it costs. Or if they do, they understand the consequences: expensive technology investments. Consequently, penetration testing is a daunting proposition. What many a small company doesn’t understand is that their business’ success
Penetration Testing for Small Business: The What, Why & How Much Read More »
If you’re asking this question, it’s usually for one of two reasons: I get it. Pen tests can be a daunting proposition. They can be expensive and they reveal security weaknesses. They’re also critical for driving and developing attack-resistant security strategy. As a CISO, I believe a penetration test is a vital tool for any
Why Do We Need Penetration Testing? For These 4 Reasons Read More »
In a 2023 survey of cybersecurity leaders, 51% said they believe an AI-based tool like ChatGPT will be used in a successful data breach within the next year. There is no question that AI tools pose cybersecurity risks, and as such, keeping an eye on exactly how they are being used by malicious actors is
ChatGPT Already Involved in Data Leaks, Phishing Scams & Malware Infections Read More »
In which U.S. state is the average resident most likely to have their identity stolen? That’s the question we set out to answer in this data study. Some people think a higher population inevitably leads to higher cases of identity theft. More residents mean more identities to steal. As cybersecurity professionals, we had a different
The 10 Worst U.S. States For Identity Theft [Data Study] Read More »
