Managing risk across an organization requires a lot of different things: setting strategy, determining tolerance, defining metrics. These are critical in your overall risk management efforts, and even more so in information security. But where do you begin? There’s no denying it can feel like a daunting task. It’s hard to make sure that information… Read More
In our previous blog, we introduced our 2016 top five penetration testing lessons learned blog series. Today, in Part II of this series, we discuss our first finding: insufficient network segmentation. The Challenges of Network Segmentation Many of the clients we conduct penetration tests for are larger organizations that have thousands of hosts on a completely flat… Read More