A Convincing Argument for Penetration Testing

A Convincing Argument for Penetration Testing

Is Your Business Safe From Hackers?

It’s possible a hacker is examining your business right now. He’s intelligent, he’s resourceful, and he’s looking to exploit any shortfalls he uncovers in your security measures. Whatever he finds, he’ll be sure to exploit it. The consequences might be negligible, or they could be catastrophic for business continuity.
What will he find and what loss or damage to sensitive data might result? How costly would it be to your business if you couldn’t operate for any length of time? If you don’t know the answers to these important questions, a penetration test will provide you with the information you need to help you mitigate for the unthinkable.
If you’re simply guessing, relying on incomplete information, or just hoping it won’t happen to you, you could be exposing your business to unnecessary risk.
A penetration test is probably one of the smartest precautions you can take to protect your company from attack.
There’s plenty of information on the internet to assist organisations concerned about security, and generic advice can be helpful to a certain extent. But, all businesses are different, with unique environments, control systems and cultures. Therefore, your vulnerabilities will likely be different from any other organisation.
In this initial blog post in our series focusing on penetration testing, we make the business case to justify investing some of your precious budget, hope it helps.

Want to check how good your organisation’s security is? Click here.


A penetration test, sometimes called a pentest for short, is performed by “ethical hackers” in order to simulate a real-world attack on your organisation’s defences.

Their objective is to:

  • Thoroughly test your defences using multiple techniques and tools with varying degrees of sophistication.
  • Highlight security vulnerabilities discovered in both systems and people.
  • Illustrate the impact a successful attack might have on your business.

A competent penetration tester will assist you to understand your security vulnerabilities, in context with the potential risks you face.

This will empower you to:

  • Reach informed conclusions about remedial actions you might take.
  • Make the case for additional investment in your organisation’s cybersecurity.
  • Address gaps in your security processes and policies.


The National Cyber Security Centre and the National Crime Agency’s report – The cyber threat to UK business – makes for disturbing reading.

Their findings include:

  • The cyber threat to businesses in the UK is significant and increasing.
  • The increasing number of devices connected to the internet is giving attackers more opportunities.
  • Threats are varied and adaptable.
  • They can be opportunistic, indiscriminate and colossal.
  • Threats are persistent and sophisticated, deploying bespoke malware capable of compromising a specific target.
  • 2016-2017 saw cyber-attacks on a scale and boldness never witnessed previously.


In February of 2018, the average cost of cybersecurity breaches to businesses in the UK in the previous 12 months was £1,380 for micro and small firms as reported by the statistics portal Statista. This figure increases to £19,600 for larger companies.

However, the cost should not be measured purely in monetary terms. There’s the effect of reputational damage to consider, the time needed to recover from an attack, and the resulting loss of service.

The consequences of cyber-crime can be severe; victims often feel blindsided because they didn’t anticipate the results of sustaining an attack.

Next time, we’ll help you find your way in a crowded marketplace and help you select a penetration testing provider wisely.

To find out more now, click here to contact us.  

Want to know more? Get in touch with one of our experts today

Related Content

PRCON 2011

PRCON 2011

Whilst we are ardent supporters of maintaining a healthy balance between work and life and well awar...

Welcome to the Perspective Risk Blog

Welcome to the Perspective Risk Blog

The Perspective Risk blog has been created to provide information security resources to the penetrat...