Boost your security posture with objective-based penetration testing

Welcome to this week’s Security Spotlight, where we shine a light on: 

  • Our free green papers on penetration testing basics, and how it fits into an ISO 27001 ISMS 

 


New Q&A | Boost Your Security Posture With Objective-Based Penetration Testing 

To maximise value from your security investments, your measures must be effective. 

How can you be confident your measures are fit for purpose – and prove it to stakeholders like customers, partners and regulators?  

Penetration testing offers a vital tool. 

This Q&A with our head of security testing, James Pickard, covers: 

  • Is your security programme effective?  

  • Objective-based penetration tests  

  • Black, grey and white box penetration tests  

  • Red team assessments  

  • Manual vs automated penetration testing  

Read the full interview 

 

New Q&A | Layering Defences to Safeguard Sensitive Data Within AI Systems 

As AI develops relentlessly, organisations face a thorny problem:  

How can you harness the transformative power of AI tools and systems while ensuring the privacy and security of your sensitive data?  

Our head of AI product marketing, Camden Woollven, covers: 

  • Security and privacy challenges/risks of AI  

  • How these AI risks will evolve  

  • Safeguards for AI risks  

  • AI privacy and security by design  

  • Increased transparency and anonymising personal data 

Read the full interview 

We’ve also updated our index of interviews again! 



Q&A | How to Address AI Security Risks With ISO 27001 

If you’re worried about data security – specifically, an AI exposing confidential data – you could conduct an exposure assessment or an ‘AI penetration test’. 

Bridget Kenyon, author of ISO 27001 Controls, explains further. 

Read the full interview 

 

Q&A | The Insider Threat: Strategies to Safeguard Against Malicious Insiders  

Your biggest security threat may be hiding in plain sight: your employees.  

No business can operate without trusting its people. Without access to confidential information and essential systems, staff can’t perform their roles.  

But if an insider turns malicious, regardless of their motivation, they can significantly damage your organisation. After all, their account is supposed to have access to sensitive data!  

James Pickard explains how your organisation can protect itself. 

Read the full interview 

 


Free green paper | Assured Security – Getting cyber secure with penetration testing 

Information is the lifeblood of the modern business, so organisations should strive to keep it secure. 

Penetration testing can help. 

This free green paper covers: 

  • What is penetration testing? 

  • How does penetration testing work? 

  • What types of vulnerabilities can go undetected for months? 

  • What are the different types of penetration test? 

Download now 

 

Free green paper | Penetration Testing and ISO 27001 – Securing your ISMS 

Penetration testing also fits into an ISO 27001 ISMS project. 

As part of your risk assessment, you must identify security risks within your ISMS scope. 

This free green paper explains how you can do this through penetration testing. 

Download now  


Free webinar | Using ISO/IEC 27018 as the Key to Data Privacy in the Cloud 

Wednesday, 20 November 2024, 3:00 – 4:00 pm (GMT) 

Get an overview of ISO 27018 in this free webinar, delivered by Alice Turley and Andrew Johnston: 

  • How does ISO 27018 align with ISO 27001? 

  • How does ISO 27018 certification enhance data privacy compliance and security? 

  • What are practical steps to integrate ISO 27001 principles with ISO 27018 and other standards? 

  • What are real-world examples of ISO 27018, and how does the Standard add value? 

Whether you’re a DPO, GDPR professional or information security manager, you’ll get a comprehensive understanding of ISO 27018 and its critical role in ensuring data privacy in the Cloud. 

Register now 

 

Free webinar | Meeting NIS 2 Requirements with ISO 27001 

Thursday, 21 November 2024, 3:00 – 4:00 pm (GMT) 

NIS 2 aims to significantly enhance cyber security across Europe, particularly in critical infrastructure. 

This webinar, delivered by Andrew Pattison, explains how ISO 27001 helps organisations meet the NIS 2 requirements. 

There’ll be a Q&A session at the end, where you can ask questions on any aspect of NIS 2 and/or ISO 27001 implementation. 

Register now 

 


Speak to an information security expert 

With 20+ years’ experience in information security, we understand risk management. 

Our experts have implemented information security programmes for hundreds of organisations across a multitude of industries in both the private and public sectors. 

New to the world of information security and need advice on how to get started? 

Or updating an existing information security programme? 

Our experts are here to help. 

Get in touch 
