To Pen or Not To Pen - The risks of not prioritizing Cyber Security
Cyber Security For All - A podcast by Apetech
Categorie:
Apetech Website: https://www.apetech.me/social https://anchor.fm/apetech/message Email: [email protected] Twitter: @apetechda Does your business have any digital assets? Do you use computers, emails, or create any data stored on computers? What about software, is your business in the business of creating software? If you answered yes to any of these questions, and I have a funny feeling that you did, this episode was crafted just for you. Penetration Testing, or pen testing for short, is something anyone running a business should highly consider. Getting hacked in 2021 and beyond isn’t a matter of if it will happen, but a matter of when it will happen. It’s inevitable. If your company is creating and producing digital goods and services, someone out there is going to want to get into your system. But the problem is that Pen tests are complicated. They are expensive, they require contracts and they carry some risk. A pen test gone wrong can cripple a company. After a pen test is executed, the findings then have to be resolved. This comes with additional cost, risk, and schedule. As you can see, for a company to go all in on a pen test, they need to be 100% sure they are committed. So, because of this, many companies forgo running pen tests. Not running a pen test is easier. You don’t have to change your priorities or impact your budget on fixing things you don’t know about. You don’t have to introduce scope change because you aren’t aware of any new changes that need to be scheduled in. And besides, what are the chances that your company is going to get hacked? Pretty low right. Most companies hope that nothing bad is going to happen because on a perfect day, they are already pressed for budget and time. But life isn’t always the best case scenario. Sometimes bad things will happen and you’ll need to react to these life events. What type of company are you running? The one that is reactive to life events or the one that will go out and get ahead of critical issues. It easy to live a reactive life if nothing bad has ever happened or if you believe that nothing will happen to you. But, I can assure you that in my experience disaster will strike and you are going to wish you would have done things differently. I hope that his message serves as a wake up call to everyone out there that’s on the fence. Take your information/cyber security seriously. Right now, when the storm is calm, is the right time to make decisions. You don’t want your team making multi million dollar decisions in the middle of the storm. Right now, when your head is clear and you don’t have the pressure of your production systems being compromised, is the when you should be investing your time, energy, and money into making sure you are as covered as you possibly can be. Don’t wait to be reactive. If your system or service had the potential to kill a human being, would you stop everything you were doing right now to fix it? I would invest some time on fixing my cyber security gaps in my company. Run that pen test and start closing that gap. Future self will thank you later. --- Support this podcast: https://podcasters.spotify.com/pod/show/apetech/support