What challenges does your organization face with your penetration testing program?

Security & GRC Risk Management

Hiring enough skilled personnel to do the testing (internal)29%

Getting others to act on the findings46%

Getting executive sponsorship and funding for the program15%

Getting qualified 3rd parties to do the testing9%

Other (please comment below)0%

239 PARTICIPANTS

2.3k views1 Comment

Associate Vice President, Information Technology & CISO in Education, 1,001 - 5,000 employees

We use Synack for crowdsourced red team / penetration testing activities on a continuous basis (365x7x24)... So keeping up with remediating the findings is sometimes the biggest challenge.

Content you might like

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & Leadership Strategy & Architecture Cloud +57 more

CTO in Software, 201 - 500 employees

Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.

Read More Comments

40.8k views131 Upvotes319 Comments

Are you planning to improve endpoint security in the next 12 months with any of these additional capabilities?

Security & GRC Threat & Vulnerability Management Identity & Access Management (IAM)+8 more

Patch management: to reduce attack surface and avoid system misconfigurations39%

Malware and ransomware prevention: to protect endpoints from social engineering attacks58%

Malware and fileless malware detection and response: to protect against malicious software49%

Threat Hunting: to detect unknown threats that are acting or dormant in your environment and have bypassed the security controls33%

Not planning to change endpoint security strategy10%

184 PARTICIPANTS

385 views

Do you personally opt out of sharing data with your mobile service provider?

Data Privacy Risk Management Culture & Values

Yes — always.37%

No, I don't mind sharing my data48%

Not yet, but I might opt out soon9%

Don’t know — I need to check!4%

160 PARTICIPANTS

456 views

Does the risk of Ransomware and malware propagation bother you? Is IoT security a top of mind for you? To protect against many risks, we have witnessed success of micro-segmentation in the data center. Would you be willing to deploy similar solution for the campus? I am very curious to get your feedback?

Security & GRC Threat & Vulnerability Management

ISSO and Director of the IRU in Healthcare and Biotech, 10,001+ employees

I would definitely suggest this based of how you categorize your types of data/systems and information being stored in certain parts of your data center. I think it’s really dependent on the size of your organization and ...read more

Read More Comments

2.6k views5 Upvotes5 Comments

Any recommendations on OT security product? I tried pushing Crowdstrike but it wasn't approved by OEMs. Other two are Claroty and Nozomi. Any feedback either on above two or any other as per your experience?

Security & GRC Strategy & Architecture

Director of IT in Manufacturing, 1,001 - 5,000 employees

I am pretty much convinced with output of Claroty, however unsure about pricing since they do not have much competition. I reached out to Gartner for commercial review but could not get satisfactory response. Any ballpark ...read more

Read More Comments

1.8k views1 Upvote2 Comments