DRJ Fall 2019

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 32, Issue 2

Full Contents Now Available!

Wednesday, 12 June 2019 15:09

A Penetration Test is Vital to Cybersecurity Management and Considerations

A critical component to a holistic approach to cybersecurity is conducting a penetration test, or pen test, to evaluate computer system, network, or web application vulnerabilities that could be exploited by a hacker.

The first question to consider when you conduct a pen test – what is the goal? Is it to satisfy compliance mandate, or was there a data breach and you want to ensure all of the loopholes are closed? Maybe pen testing is a best practices regimen and conducted regularly in your organization. If your company is installing a new computer system or network, it makes sense to test it to find where any vulnerabilities or weaknesses may exist.

Internal, external, privileged or not…

Types of pen testing vary widely. Depending on your goal, options include internal, external, credentialed or uncredentialed, web application testing, network testing, phishing and social engineering. An external pen test will show you what your network or application looks like to an outsider. An internal test may be used to verify segmentation of different data sets.