It’s no longer a question of if you will be hacked.
It’s when.
This makes rigorous security testing all the more important. And Red Team exercises, testing the organisation against an adversary in real time, is one of the most effective methods.
A Red Team will challenge both technical and human defences. It goes beyond the scope of penetration testing.
But Red Teaming can be tough. It can be costly, demanding in time, and potentially disruptive to the business.
And not just the IT security team – but the business – need to act on the findings.
How should CISOs engage a red team, and what is the best way to make the exercise effective?
In this special report, we speak to Gemma Moore, of Cyberis and CREST, David Benson, of PentestPeople, and Richard Hughes of A&O IT Group.
Reporter: Stephen Pritchard