When conducting penetration tests, regardless of an organization’s size or maturity, certain kinds of attacks recur so regularly that security teams should develop standardized practices to defend against them. Here are some suggested strategies for conducting detection and mitigation.
Chief Operating Officer at LARES
Andrew Hay is an experienced cybersecurity leader, data scientist, researcher, and international public speaker with decades of experience across multiple IT, security, and risk domains. He has authored several books on endpoint, network, cloud, and security management topics, has grown and led engineering, research, data science, and security teams worldwide, and has experience growing companies from inception through acquisition. Before joining LARES, Andrew served as CEO of Rising Cyber LLC; CTO of LEO Cyber Security; and CISO of DataGravity.
Three common problems regularly hold back cybersecurity strategies – not testing enough, not resolving or disclosing known vulnerabilities, and not having proper security programs in place to measure testing effectiveness.