Security testing (including scanning, penetration testing, red teaming, and more), is often seen as a compliance bug bear. However, if your security team wants to provide a level of assurance to the business that if an attack was to take place, you are well placed to both defend and detect it, it is essential that you perform the right kind of testing for your business. In this post, we’ll take a look at the types of testing you should be deploying within your organization by explaining what each type of test does and what it can (and can’t) deliver for you.
We just released our latest edition of PERCEPTION, our cyber threat intelligence briefing for the financial services sector edited by Dr Graham Shaw. This contains informative, relevant and timely information about the cyber threat landscape for financial institutions, current threat actors and recent activities, and is designed to help you address the cyber risks faced by your organization.
Cyber-attacks and the impact they have on organizations are becoming much better understood. However, in facing increasingly sophisticated, targeted and untargeted attacks, the complexity and scale of the threat means that avoiding a cyber-attack is becoming harder for organizations. If a cyber-attack is going to happen at some point, it’s essential that organizations plan for, and prepare to respond to, the inevitable. But this can be easier said than done. What steps do organizations need to take to develop a cyber security strategy that ensures they are prepared?