Page 184 - Cyber Defense eMagazine December 2023

The constraints of snapshot-in-time penetration testing

            Periodic penetration testing has been a standard practice for many organizations, but is it the best
            approach for cybersecurity assessment? One major constraint of this method is that it can only provide
            a snapshot of the organization's security posture at a specific point in time. This means new vulnerabilities
            arising after the testing period will be left undetected. Case in point, according to the 2022 Cost of a Data
            Breach report, it takes an average of 277 days to identify and contain a breach.

            Another limitation of periodic penetration testing is its reliance on time-based testing, where testers are
            given a specified amount of time to identify vulnerabilities. This approach does not account for some of
            the more complex and advanced attacks that may require additional time to uncover.

            Traditional penetration testing involves manual testing by security experts with varying skill levels. This
            snapshot testing adds a constraint on the accuracy of the results, which significantly depends on the
            testers' capabilities. A single mistake or oversight from the testers can lead to costly breaches.

            Lastly, periodic penetration testing offers limited scope when assessing an organization’s entire security
            landscape. The manual testing process can only cover specific areas of the organization's network,
            leaving other areas untested.



            How to embrace continuous cybersecurity testing

            While periodic penetration testing can provide a snapshot of your organization’s security posture, it often
            fails to account for the dynamic nature of cyber threats. To mitigate risks effectively, organizations must
            continuously test their security measures so they can identify and neutralize emerging threats in real time.

            Organizations can leverage various approaches and tools to implement continuous cybersecurity testing,
            such as Atomic Red Team by Red Canary, an open-source library of tests mapped to the MITRE
            ATT&CK framework that security teams can use to simulate adversarial activity and validate their
            defenses. These tools can help prioritize and mitigate potential cyber-attacks by automating security
            testing and providing valuable insights into adversary tactics and techniques.


            Endpoint security testing and firewall testing are excellent starting points for implementing continuous
            cybersecurity testing. By simulating phishing emails, running PowerShell commands at endpoints, and
            monitoring VPN logins at the firewall level, organizations can proactively identify potential vulnerabilities
            and mitigate them before cyber attackers can exploit them. Proofpoint’s 2021 State of the Phish Report
            revealed that 57% of organizations dealt with at least one successful phishing attack in 2020. These
            statistics underline the importance of continuous cybersecurity testing, particularly in the area of
            simulated phishing, to detect and mitigate such threats promptly.
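
To show what validating defenses against simulated activity can look like in practice, the following added example (not from the article or from Atomic Red Team) pairs each simulated test run with the alert it should have produced and reports detection gaps. The host names, timestamps, record layout and 15-minute window are constructed assumptions; the ATT&CK technique IDs correspond to the PowerShell, phishing and VPN login cases mentioned above.

```python
from datetime import datetime, timedelta

# Constructed sample data (assumed layout): scheduled test runs and exported alerts.
TEST_RUNS = [
    {"technique": "T1059.001", "host": "ws-014", "ran_at": "2023-12-04T09:00:00"},    # PowerShell
    {"technique": "T1566.001", "host": "ws-014", "ran_at": "2023-12-04T09:30:00"},    # phishing attachment
    {"technique": "T1078", "host": "fw-edge-1", "ran_at": "2023-12-04T10:00:00"},     # VPN login, valid account
    {"technique": "T1059.001", "host": "ws-022", "ran_at": "2023-12-04T11:00:00"},
]
ALERTS = [
    {"technique": "T1059.001", "host": "ws-014", "fired_at": "2023-12-04T09:02:10"},
    {"technique": "T1078", "host": "fw-edge-1", "fired_at": "2023-12-04T10:45:00"},   # outside the window
    {"technique": "T1059.001", "host": "ws-022", "fired_at": "2023-12-04T10:58:00"},  # fired before the test
]

def validate_coverage(runs, alerts, window=timedelta(minutes=15)):
    """Pair each test run with the earliest unused alert for the same technique
    and host that fired within `window` after the run."""
    results, used = [], set()
    for run in sorted(runs, key=lambda r: r["ran_at"]):
        start = datetime.fromisoformat(run["ran_at"])
        best = None  # (alert index, fired time) of the earliest matching alert
        for i, alert in enumerate(alerts):
            if i in used or (alert["technique"], alert["host"]) != (run["technique"], run["host"]):
                continue
            fired = datetime.fromisoformat(alert["fired_at"])
            # An alert that predates the test cannot have been caused by it.
            if start <= fired <= start + window and (best is None or fired < best[1]):
                best = (i, fired)
        if best:
            used.add(best[0])  # one alert validates only one test run
        results.append({**run, "detected": best is not None,
                        "seconds_to_detect": (best[1] - start).total_seconds() if best else None})
    return results

def gaps(results):
    """Technique/host pairs whose simulated activity produced no timely alert."""
    return sorted({(r["technique"], r["host"]) for r in results if not r["detected"]})

if __name__ == "__main__":
    for r in validate_coverage(TEST_RUNS, ALERTS):
        status = "detected" if r["detected"] else "GAP"
        print(r["technique"], r["host"], status, r["seconds_to_detect"])
```

Run on every test cycle, the gap list becomes a trend: a pair that was detected last week and is missing this week points to a broken log source or rule.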


            Ultimately, embracing continuous cybersecurity testing is vital to securing your organization and
            safeguarding your valuable assets. With the right tools and strategies, organizations can identify and
            neutralize threats in real time, stay ahead of the curve, and protect their systems and data from cyber
            threats.






            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.