Episode 17

Published on: 29th Mar 2023

A Snapshot in Time: Why Penetration Testing Is Critical for Cyber Security

When Megan Brown, Jonathan Care, and I explore the world of penetration testing, we uncover the missing links between the testing itself and having a secure organisation and patched vulnerabilities.

In this episode, you will learn how to maximise the potential of your penetration tests and increase the depth of your organisation's cyber security. 

“Pen tests on their own don’t do anything if you don’t have a way of tracking the issues, resolving the issues.” Jonathan Care


We cover the following topics:

  • How regularly penetration testing should be carried out to ensure that the organisation is secure as well as compliant
  • Driving accountability and how to use the data from pen testing
  • Expectations vs outcomes from pen testing
  • What additional value do you get with a continuous pen testing (CPT) service?
  • How does Razorthorn bridge the gaps between testing, tracking and resolving vulnerabilities with their CPT service, Razor’s Edge?
  • How cyber insurance premiums can be reduced through CPT
  • Are bug bounties complementary to pen tests and what benefits and drawbacks do they have?
  • How GRC can support a company following a pen test to increase internal and customer confidence by closing security gaps
  • What challenges arise when recruiting and retaining qualified pen testers given the current market conditions?


Megan, Jonathan, and I had an interesting discussion about the current trends in the penetration testing industry. We discuss the various ways organisations are utilising penetration testing, from quarterly snapshots in time to continuous pen testing, with reference to Razorthorn’s new CPT platform, Razor’s Edge.

We talk about how difficult it is to find and retain skilled professionals, when better-paying jobs are dangled like carrots in an industry where there is a notable skills shortage. 

We also talk about how to use intelligence to find new threats on the dark web and how to combine vulnerability scanning with pen testing. 

Find out more about Razor’s Edge here: https://www.razorthorn.com/cyber-security-testing/next-gen-continuous-pen-testing/ 

Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen


GUEST BIOS


Megan Brown

Megan Brown has spent over 15 years in SaaS and technology leadership roles. For the past 5 years, she has worked alongside the founding team at LogicGate to help scale the Risk Cloud, a next gen GRC workflow automation SaaS platform, around the world. Megan currently works as the Head of International Sales after having developed the Strategic Alliances and Partner Function at LogicGate. Megan leads the international market expansion strategy and sales team covering global markets. In her free time, she loves podcasts and is a host herself - you can hear more from Megan on LogicGate's GRC & Me podcast. She is a live music fan, marathon runner, and mom to a 3-year-old daughter. Megan, her husband, and their daughter will be moving to Richmond, UK, this year, a long way from their previous home in Chicago, IL, where the company has its US headquarters.

Jonathan Care

Jonathan Care is a recognised expert in the field of Cybersecurity & Fraud Detection. A former top-rated Gartner analyst, Care was responsible for defining the Fraud market, and leading Gartner’s Insider Threat and Risk research. He regularly advises cybersecurity industry leaders on strategic growth and has worked with key figures in industry and government across the globe. He is a lead contributor for Dark Reading, an industry-defining publication. Jonathan has testified in court as an expert witness and forensic investigator and is a Fellow of the British Computer Society. He also fuels his creative passion as a composer of film/TV music.  

Social media: @jonathanhcare & https://linkedin.com/in/computercrime  


Resources Mentioned


LogicGate Security

Lionfish Security

Push Security

Dark Reading

Black Hat 

Razor’s Edge

Tech Vets

44 Con



Other episodes you'll enjoy


The Cyber Security Skills Shortage | Razorwire Podcast

https://www.razorthorn.com/the-cyber-security-skills-shortage/


Ex-Military Cyber Security Experts: How Military Training Prepares You for a Successful Career in Cybersecurity

https://www.razorthorn.com/ex-military-cyber-security-experts-how-military-training-prepares-you-for-a-successful-career-in-cybersecurity/


Connect with your host James Rees


Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.

Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.

With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.

For more information about us, or if you have any questions you would like us to discuss, email podcast@razorthorn.com.

If you need consultation, visit www.razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.


Linkedin: Razorthorn Security

Youtube: Razorthorn Security

Twitter:   @RazorThornLTD

Website: www.razorthorn.com


Loved this episode? Leave us a review and rating here


All rights reserved. © Razorthorn Security LTD 2023



This podcast uses the following third-party services for analysis:

Chartable - https://chartable.com/privacy

About the Podcast

Razorwire Cyber Security
The Podcast For Cyber Security Professionals
Welcome to the Razorwire podcast where we share information, best practices and up to date news in cyber security and infosec.

Our mission is to help you become a better cyber security professional and support our vision of creating an agile community of cyber professionals who are stronger than ever before.

This show is first and foremost about sharing knowledge and benefiting from collaboration. We bring you the advice and wisdom of both your host, James Rees, and his guests to build on the strength and depth of your own knowledge and experience.

Your host James Rees is an information security veteran with over 25 years of industry experience and is the founder of Razorthorn Security, delivering expert security consultancy and testing services on a day to day basis to some of the largest and most influential organisations in the world, including many in the Fortune 500.

The Razorwire podcast is for cyber security professionals looking for new ideas and the drive to improve their response to cyber security events. Through collaboration, we can strengthen our defences.

For more information about us, or if you have any questions you would like us to discuss on the podcast, email podcast@razorthorn.com or head to www.razorthorn.com

About your host

Matt Cheney

Matt is a podcast & content creation coach with over 17 years of professional experience. He has delivered content for global media platforms, brands, broadcasters, and apps, producing EMMY award-winning music features, BAFTA-nominated animations, and iTunes chart-topping podcasts, among other projects. He has edited & mixed over 650 hrs of TV, recorded 10,000 hrs of narration and podcasts, and produced 10,000s of media assets for brands such as BBC, SKY, Nike, O2, Audi, RCA, Amazon, Google.
As the former Head of Audio for Vice Media UK and Rapid Pictures Post Production in London, Matt is well-versed in media and technology, as well as in leading and training creative teams.