Cyber attacks are socially motivated attacks that are carried out mainly through the Internet. They target corporate organizations as well as the general public.
In 2013 alone, the cost of cyber attacks in South Africa totalled approximately $320 million. Cyber attacks are no longer just a threat but a reality. According to Drew van Vuuren (consulting partner at 4Di Privaca), cyber attacks are becoming more and more common as countries become globally connected.
It is more important than ever to undertake periodic vulnerability scans in order to identify vulnerabilities and ensure that an organization's networks are completely secure. An organization's security controls should be completely effective.
Vulnerability scanning examines networks, applications and servers for vulnerabilities. However, pure vulnerability scanning produces false positives, which can lead to a less effective security mechanism.
In penetration testing, vulnerabilities are exploited in a safe manner in order to find the loopholes in an IT network.
Organizations need to be tested regularly for the following reasons:
• To check for weaknesses in the infrastructure, both hardware and software.
• To ensure that the controls are implemented and adequate; this offers assurance to both the information security function and senior management.
• To test applications that are vulnerable to attack.
• To find new bugs in the current software: updates and patches fix existing vulnerabilities, but they are also capable of introducing new ones.
Penetration testing and vulnerability scanning can test an organization's IT infrastructure and its ability to detect breaches and intrusions. Organizations should scan their external infrastructure as well as their applications to protect against outside threats. They also need to perform internal testing in order to protect against inside threats. Internal testing includes the controls between different enterprise systems, to ensure that they are correctly configured.
Penetration testing needs to be done on a regular basis in order to find recently discovered vulnerabilities that were not previously known. The frequency of the tests depends on the kind of testing being done and the aim of the test. These tests should be conducted at least annually, or perhaps monthly to find the internal vulnerabilities of workstations. PCI DSS standards recommend different intervals for various types of scans.
Penetration testing should also be done after new infrastructure is deployed and after critical changes to applications and infrastructure.