Information security governance is a subset of enterprise governance that provides strategic direction, ensures that objectives are achieved, manages risks appropriately, uses organisational resources responsibly, and monitors the success or failure of the enterprise security programme.
A penetration test, also known as a pen test, is a simulated cyber attack against your computer system to check for exploitable vulnerabilities. Pen testing can involve the attempted breaching of any number of application systems, (e.g., application protocol interfaces (APIs), frontend/backend servers) to uncover vulnerabilities, such as unsanitized inputs that are susceptible to code injection attacks.
Ethical hacking is legally breaking into computers and devices to test an organization’s defenses using techniques such as penetration testing among others.
Social engineering is the art of manipulating people so they give up confidential information. The information may vary in nature and complexity and usually sought by criminals to perform various crimes or gain understanding of an organization.
A sound policy is about knowing your environment, understanding best practice and finding common ground between the two. Sounds tough then give us a call and we can help you through it.