The APT Battle - Can Pen Tests Really Help?

Today, it’s hard to find an organization that operates without pen tests. Thanks to heightened awareness among management and growing adoption of compliance standards such as PCI DSS, pen tests are on every CISO’s to-do list. Multiple varieties of pen tests have emerged and many organizations have a detailed plan to perform these tests every year. Yet, 95% of the organisations were found to be breached with clear evidence of advanced attackers controlling their internal systems. While penetration tests attempt to answer the question, “Can our controls be breached?”, the more critical question is “Am I aware of any existing breach?” In the new threat landscape, where attackers employed advanced means to bypass controls and got in without being noticed, just how pen tests are standing up to the challenge? How would one determine if these annual penetration tests are really providing value? Vivek Chudgar takes this on in our live webinar. He will examine the role of pen testings in an organization, and how the new threat landscape has changed the function of these testings. He will also discuss other new approaches to help organizations be assured of their secure status.