BSI CYBERSECURITY
Digital
trust | The route to a safe , secure and cyber resilient organisation
Historically , an often underestimated arm of cyber resilience is testing . Whether it ’ s an automated vulnerability assessment or a simulated penetration testing , businesses need to employ offensive testing techniques to verify the full impact of identified vulnerabilities . However , this is not a one-time process . Organisations need to adopt a continued testing model as opposed to point-in-time testing , which doesn ’ t present a full picture of potential threats . This overall cyber resilience method should ideally run from initial concept to minimal viable product ( or MVP ) and through internal staging versions before being tested again in the live environment . Best practice aside , this model of testing also has proven benefits . Mark concludes by saying “ If you wait to simply do testing as a final stage , you may reduce your costs up front but you ' ll actually increase your costs overall for the project , because the retrofit of security into a project which hasn ' t had security built in by design can often be as much as 30 to 40 % of the total project cost .”
technologymagazine . com 307