Identifying weaknesses in IT security reduces the risk from cybercrime


Ely, England, 21 February 2012 – Many organisations today rely on a range of technical controls including firewalls, access control lists and anti-malware software and non-technical controls (policies and procedures) to protect their information assets. Conversely cyber attacks have become more sophisticated and fighting these has become considerably more difficult. This means that more has to be done to improve cyber security.

Alan Calder, CEO of IT Governance, explains, “There is a whole range of possible solutions to cyber security – from management systems based on ISO27001 through security configuration, encryption, website security and penetration testing. It is amazing that many organisations still don’t take cyber security seriously – despite the enormous price paid by Sony, RSA, HM Government and plenty of others recently. Often senior management chooses to self-regulate instead of implementing an internationally recognised information security standard such as ISO27001. The latter not only offers tangible benefits, but also provides more reassurance to the organisation, its employees, clients and stakeholders.”

“Penetration testing is an essential component in any ISO27001 ISMS. We have seen increased demand for our penetration testing services recently.” continues Calder. “With an ever-increasing risk of external attacks to websites, penetration testing is essential for identifying weaknesses in IT security. We are pleased that our clients have recognised the importance of testing the vulnerability of their system through different hacking techniques and undertaking counter measures.”

Comprehensive penetration testing packages are uniquely offered by IT Governance in tandem with ISO27001 security audits. They are much in demand by companies seeking to test their cyber security policies, procedures and controls (both technical and human) ahead of standards compliance audits, and for the purpose of assessing and mitigating cyber risks, e.g. to produce reports and recommendations for insurance firms that provide cyber insurance.

For more details on the IT Governance Pen Testing service, including an opportunity to download a free FAQs/White Paper on Security (Penetration) Testing and ISO27001, visit:

You can also contact the friendly, helpful IT Governance service centre team on telephone number +44 (0)845 070 1750. Larger organisations can purchase penetration testing packages with a Purchase Order either by telephone or by email to

This website uses cookies. View our cookie policy