Increase Competences through Penetration Testing

21 November 2018

Innovation within the hacker and cybercrime communities are developing new tactics, new strategies and new technologies faster than most organizations invest and implement new security technology. In other words, if your IT system was secure yesterday, it does not necessarily mean that it still is today. Penetration testing is the solution to many questions, but…

 

How does your organization react when it happens for real?

Agility, revenue, EBIT, brand…. etc. are all things that organizations need to pay attention to and this is where a proactive testing program will add value to the business. Testing your company's IT system for potential gaps, vulnerabilities, misconfigurations and human errors is a minimum requirement and should be scheduled and measured on a regular basis.

 

However, we have seen the need for testing the ability to identify, detect and remediate as well and this is where we see penetration test as an addition to the security testing that identifies how your organization reacts when an attack is happening for real.  

 

We believe that penetration testing is one of the tools that will create a  solid foundation for preparing and testing the way we handle an attack, and very important how we use this new knowledge to optimize our preparation for tomorrow and remediate risk at the same time.

 

Our methodology relies on standards to ensure common alignment with other test and peers in your sector. On top of this, we keep a tight logbook that among other things time stamps all actions during the test. Comparing the time stamp to your own defense strategy and resources will allow you to identify, quantify and qualify the ability to detect and respond.    

 

To take advantage of all the new ways of conducting business and all the new technologies for optimizing the topline or a measurable impact on the bottom-line most organizations are going through a transformation these days. Running a mature and agile business today in all sectors and across business units requires a trust in the foundation for a digital business case. In short, businesses are as dependent on IT as they are on electricity and skilled employees. 

 

At Combitech, we have a sincere interest in the safety of your company but also in the safety of the society. We know that IT security has far-reaching consequences that tap into society. Combitech has been working with security since 1963.

 

Combitech is an independent technical consulting company and part of defence and security group Saab AB. The 2.000 qualified consultants in our organization are your guarantee for always having access to the knowledge and capacity your company needs. At Combitech we work full-time with IT security and that is why we are constantly updated on the actual threat situation.

Sebastian Carlsson

Deputy CEO and Head of Cybersecurity

sebastian.carlsson@combitech.com

Other news

29 October 2020

How do you know if your system is secure, if it has never been tested?

Combitech contributes to a safer and more secure society. An important part of this work is performed by our penetration testers. Their work is to simulate hacker attacks in order to find vulnerabilities and weaknesses in networks and systems. Three of Combitech’s sharpest pentesters, Christoffer Olsen at Combitech Denmark, Michael Johansson at Combitech Sweden and Olav Sortland Thoresen from Watchcom in Norway explain what they do, how they do it and why their work is vital to many companies.

3 April 2019

A Holistic Approach to Cybersecurity

The capabilities and motivations of attackers to go after operational systems in infrastructures critical to society’s resilience are omnipresent. But these sectors are traditionally not prepared to deal with such security threats. It is time to wake up!

21 November 2018

Your organization is “GDPR compliant”, but do you perform penetration tests?

Today’s organizations are facing an ever-expanding set of legal and regulatory compliance requirements regarding how they must handle sensitive information, how they must ensure the resilience of their digital processes, and how they must protect the privacy of individuals. Organizations must not only operate within legal and contractual boundaries but do so in a way that creates the business value that their stakeholders expect of them.

Want to know more?