How Safe is Your Business from Hackers?
Let's imagine a hacker is scrutinizing your business right now. He’s smart, he’s determined, and he’s looking for weaknesses in your security. If he finds them he will exploit them. The consequences could be immaterial, or potentially devastating.
What will he identify? What loss, damage, or downtime could result? If you don’t have the answers to these questions - or if you’re basing them on guesswork, partial information, or hope - a penetration test will provide them. In short, a penetration test could be one of the wisest steps you take towards protecting your company.
Clearly there’s an abundance of guidance on the internet to help security conscious organisations, and the generic advice will assist you. However, every business is unique, with a distinct environment, controls and culture. Consequently, your vulnerabilities will be different to any other business.
In this first of our blog series on penetration testing, we make the business case for your precious budget, so you don’t have to.
What is a Penetration Test?
A penetration test, often shortened to pentest, is conducted by ethical hackers to simulate a real-world attack against your organisation. Their mission is to:
- Robustly test your defences by deploying various techniques and tools ranging in sophistication.
- Reveal your organisation’s security vulnerabilities – in systems and people.
- Show what the consequences of a successful attack could look like.
A quality penetration test will help you to see your vulnerabilities in context with the risks, enabling you to:
- Make informed decisions regarding potential remedial actions.
- Justify any additional investment in your cybersecurity.
- Identify possible gaps in your security policies and processes.
The Cyber Threat to UK Businesses
A report by the National Cyber Security Centre and the National Crime Agency - The cyber threat to UK business - makes for grim reading. Finding include:
- The cyber threat to UK business is significant and growing.
- The rise of internet connected devices is giving attackers greater opportunities.
- The threats are varied and adaptable, ranging from attacks which are:
- Colossal, opportunistic and indiscriminate to;
- Persistent, sophisticated, and deploy bespoke malware designed to compromise a specific target.
- The past year (2016-2017) has been punctuated by cyber-attacks on a scale and boldness never seen before.
The Cost of Cybercrime to UK Businesses
In the previous 12 months (as of February 2017), the statistics portal Statista reported that the average cost of cybersecurity breaches to businesses in the UK was £1,380 for micro and small firms. The figure rises to £19,600 for larger companies.
The cost should not, however, be measured solely in monetary terms. There’s the potential for reputational damage, the time spent recovering from an attack, and loss of service. Cybercrime has many ugly consequences, often leaving victims feeling blindsided.
In our next blog, we’ll help you to navigate a crowded marketplace and choose a provider wisely. To learn more now, click on the button below.