Many organisations are required to perform penetration tests for insurance or compliance purposes, while others may perform regular penetration tests to help improve their security. In this blog I intend to explain what a penetration test is and how they are typically conducted.
In past blog posts we've covered strategies in the Essential 8. Today I thought I’d look at the recent changes to the Essential 8 Maturity Model.
Everyone needs a strategy, right? What are you doing to protect your business against cyber threats, and the real possibility of someone stealing or destroying your data. An attack could come in any number of ways, a data breach and the theft of critical data or possibly a ransomware attack and the destruction of important files. Many companies, especially in the SMB space don't even have the security basics in place and it can be difficult even knowing where to start. It's simply not enough these days to put a firewall and anti-virus program in place and sit back and relax. Believe me, I'd love it if that was the case, I’d be gladly taking a nap right now.
Everyone has information that they want to protect which must remain confidential. These days it’s quite likely that this information sits in an account that is accessible on the internet and is at increased risk of exposure. This information doesn’t have to be a business account - how about personal email accounts such as Gmail? I know people that live out of their personal Gmail account - the one place which contains every email, document and contact that they have. If their password fell into the wrong hands it would be a disaster and unfortunately account breaches are now part of everyday life.