This website uses cookies. View our cookie policy
Close
United Kingdom
Select regional store:

Organisations can stay cyber secure with fixed-price penetration testing, says expert

15/01/2013

A December 2012 report by GreenSQL revealed that 88 percent of all companies that participated in the survey did not protect their databases from both external and internal threats, and almost one fifth do nothing to protect their databases at all.
 
IT Governance, the information security experts, advise that efficient and routine penetration testing of an organisation’s system is the only way of establishing that networks and applications are secure.
 
Alan Calder, CEO of IT Governance, says, ‘With the ever-increasing risk of external attacks to websites, the continual enhancements and upgrades to a system over time, and the continual discovery of new vulnerabilities and security holes; organisations need to conduct external penetration tests annually, at least.’
 
Fixed-price penetration testing packages make it easier for organisations to conduct regular security testing. However Calder warns that penetration testing must be undertaken by qualified testers.
 
“Inexperienced penetration testers rely too heavily on automated tools, rather than thinking strategically. Tools are helpful, but they have limitations when it comes to identifying potential exploits and accurately assessing risks. Organisations should be hiring skilled and independent pen testers who are able not only to produce a full report for their clients, but advise them on what effective controls they should be putting in place to protect their systems.”
 
Effective penetration testing involves the simulation of a malicious attack against the security measures being tested, often using a combination of methods and tools, and conducted by a certificated, ethical professional tester. The resulting findings provide a basis upon which security measures can be improved.
 
IT Governance offers fixed-price penetration testing packages which can be purchased by  contacting the IT Governance service centre team on telephone number +44 (0)845 070 1750 or by email to servicecentre@itgovernance.co.uk.