Some people get really worried if a complete stranger sees their dirty laundry. In order to hide their “secrets” they will air their dirty laundy in a dark basement. The problem is the laundry is still dirty, kids are sleeping in dirty sheets, all because you are ashamed.

laundry.jpg

An excuse some will use not to have a penetration test is, “Our data is too sensitive for you to ever have access to, so you just need to do an audit”. Even better, “Our systems cannot go down, so just do a portscan”. Wow, this is just an amazing security fail! If you don’t trust an outsider, and lets face it, some organizations just can’t, then develop an internal pen test team and program. This is not an excuse not to have a penetration test, its a reason to create your own team! In addition to your own team, consider expanding the scope for external testers. This is something that you’ve heard so many professional penetration testers saying, and its time to start listening and sleeping in clean sheets.
Paul Asadoorian
PaulDotCom Enterprises

About the author

Paul Asadoorian is the Founder & CEO of Security Weekly, where the flagship show recently re-titled "Paul's Security Weekly" has been airing for over 8 years. By day he is the Product Evangelist for Tenable Network Security. Paul produces and hosts the various shows here at Security Weekly, all dedicated to providing the latest security news, interviews with the industries finest and technical how-to segments. Paul is also the founder and host of "The Stogie Geeks Show", featuring cigar reviews for cigar enthusiasts.