Episode 8

Penetration Testing: A Managed Service Or Only Once Per Year?

In this episode, Stanley Li and Sean Mahoney from Netswitch are joined by James Watson to discuss exactly what Penetration Testing as a Service (PTaaS) is, and the increasing trend for businesses to move away from once-a-year pen tests to more regular, monthly ones instead.

Episode highlights:

- 15 years ago, when manual vulnerability scanning and assessments were the only options.

- Why manual plus automated testing combined is essential to get the highest quality results from pen tests.

- The new CVE-2020-1472 vulnerability Microsoft recently announced that won't be patched until 2021, and what this means for your testing schedule.

- Why insecure configurations created by your IT admins could be increasing your risk more than you realise.

- How the increasing number of regulatory and certification requirements has changed the testing landscape.

- Why companies now have to demonstrate they're consistently proactive in testing their networks.

- Why the increase in remote working has only amplified these issues.

- Why penetration testing as a service is much more affordable than annual tests of years gone by.

- Which types of companies are particularly increasing their testing frequency.

- Why vulnerability assessments alone will not protect you from ransomware attacks.

- What data penetration tests can identify that vulnerability assessments are unable to.

- How to effectively manage security risk if you're a small business with a limited budget.

- How an international hotel group client has increased their vulnerability assessment frequency from annually to monthly.

- Why they jumped at the chance to deploy Penetration Testing as a Service.

- How the old way of manual penetration testing could take over a month.

- Why the new combination of automation and manual effort can now perform the testing and deliver a report with remediation in just one business week.

- Why this means more time can be spent on remediation efforts and less on the testing itself.

- Why consistency is the key to effectively managing your cyber risk in an increasingly insecure world.

Sponsored by Netswitch Technology Management - netswitch.net

About the Podcast

Cybersecurity Chronicles
News, views and stories from the cyber front line.

About your hosts

Stanley Li

➤ WHO I HELP & WHAT I DO: I help organizations with <1000 users to manage the cyber risk to meet compliance & regulatory requirements in IT & Cybersecurity. SecurIA®, the proprietary Managed Detection & Response platform I developed for Netswitch & Securli, has proven to reduce cost, risk, & time for our clients.

➤ MY STORY: For the past 20 years I’ve dedicated my life to building Netswitch in order to protect and secure our clients’ data & critical infrastructure from the ever-increasing threat of cyber-attacks.

Sean Mahoney

What I Do: I help business leaders achieve cyber-risk compliance and enable business continuity without breaking their budget.

I deliver productive ways of leveraging technology to meet business requirements and drive cost savings. Integrating automated and machine learning systems into operations to improve efficiency, utilizing data analytics for improving business visibility, allowing for faster reactions to market dynamics. Experienced in translating the technical to non-technical audiences.