Maximise Testing for an Effective Defense Strategy

Maximise Testing for an Effective
Defense Strategy

  • Posted by: Pamela O'brien

Organisations often view penetration testing or security reviews of their IT ecosystem as a burden to meet compliance and regulatory requirements. The scale of cyber attacks in recent years demonstrated that organisations should not view this as a box ticking exercise, but an opportunity to truly understand their organisation’s security posture with the aim to improve. 

Vulnerability assessments and penetration testing have become a commodity with little or no differentiation between them, with organisations focusing on costs more than quality.  

Penetration testing emulates a “real world attack” to gauge the strength of one (or more) system’s security. It is heavily dependent on the testing team’s skillset, tools and techniques. Unfortunately, many service providers simply run vulnerability scans presenting themselves as experienced ethical hackers without the experience, knowledge, and context to prioritise the threats that matter.  

To add to the complexity, organisations engage penetration testers to focus on a specific target during a limited attack window. This attack scenario does not truly emulate a “real world attack” as adversaries have an unlimited amount of time, mission oriented campaigns and support to find stealthy ways to enter an organisation’s IT ecosystem. In addition, a penetration tester follows industry guidelines which is often a checklist such as the OWASP Top 10.  

So, how can organisations identify if they have adequate security controls to resist a cyber attack?  

Acknowledging that you are never truly secure at any one time is the first step. There are always processes and procedures an organisation can take to delay an attacker from compromising your network.  

Secondly, it is addressing your business’ security requirements in ways that you can add value to the assessment being conducted. One way of achieving this is through bringing your organisation’s defense team to work collaboratively with the testing team on pinpointing security flaws across your IT estate. Emulation techniques such as launching an attack to observe your defence mechanisms that are triggered in real-time will help determine their true value and if they operate as expected. Purple Team Exercises are a perfect fit for this scenario. Organisations that change and improve their processes by moving away from traditional methods is critical to resisting a cyber attack. 

How can Kontex help? 

Kontex is on a constant lookout of addressing business needs and engaging in partnerships to bridge security gaps for our clients. We understand the complexities that our clients face in the current threat landscape and are moving towards more innovative and effective ways to help you. We have the flexibility and skilled resources to help you move away from the traditional siloed methods of protecting your organisation, enabling you to adopt more collaborative and innovative ways to mitigate attacks.  

Our Adversary Emulation as a Service offering augments your technical team’s knowledge with Kontex’s specialists to improve your people, processes and technologies proactively.  

Find out more today from Elena Donea, Information Security Consultant [email protected]