Penetration Testing, also known as pentesting or a pen test, is an authorised simulated cyber attack on a computer system to evaluate the security of the system.  Therefore, it will alert the company to vulnerabilities. And, it will probe your applications and networks searching for weaknesses.  As a result it can save you time money and reputation, not to mention shockingly high fines.

Crest Logo A pentest will find out those issues which are not easy to find during a manual analysis of your system. Hence it has to be carried out by a certified practitioner. CREST is an international not for profit accreditation and certification body that represents and supports the technical information security market.  Therefore, all companies who offer penetration testing should be CREST approved and we only work with them that are CREST approved.  Why would you want to bother carrying this out? To clarify, your customers trust you to store and manage their data safely and securely. Also the law also requires you to do keep data secure.

Record fines handed out by ICO

In 2018 record fines were handed out to companies who had their data breached by hackers, Also millions of pounds were collected by hackers in ransom demands.  However, it is not only the fines but the damage to your reputation as mentioned above.

Some of the largest companies who were handed out  included:

  • Equifax
  • Facebook
  • Superdrug
  • Heathrow Airport
  • Google
  • Yahoo
  • Tesco

Fix the security problems

Thanks to the internet more and more companies trade globally. As a result, countries around the globe are tightening up their laws with regard to the storage of customer data.  In an article in the New Statesman, Ian Levy, Technical Director of National Cyber Security Centre said “Serious security problems in consumer internet of things [IoT] devices, such as pre-set unchangeable passwords,  continue to be discovered and it’s unacceptable that these are not being fixed by manufacturers,”

A Forbes article which looks at fines handed out to companies illustrates why having penetration testing is essential, can you really afford not to?