What challenges does your organization face with your penetration testing program?

Security & GRC Risk Management

Hiring enough skilled personnel to do the testing (internal)21%

Getting others to act on the findings45%

Getting executive sponsorship and funding for the program23%

Getting qualified 3rd parties to do the testing10%

Other (please comment below)

221 PARTICIPANTS

2.7k views1 Comment

Sort by:

Associate Vice President, Information Technology & CISO in Education5 years ago

We use Synack for crowdsourced red team / penetration testing activities on a continuous basis (365x7x24)... So keeping up with remediating the findings is sometimes the biggest challenge.

Content you might like

How often do you survey your organization for new, emerging risks? My company currently does quarterly surveys and I am contemplating dropping it down to 2x/year. Appreciate the insights!

Can you share any effective processes/strategies you’ve used to integrate cyber risk management and enterprise risk management at your org?

Have you inventoried your API footprint?

Yes50%

We have plans to inventory our API footprint39%

No9%

Other (share in the comments)

View Results

We need a DSAR solution to reduce time and effort of the currently manual process. We've looked at OneTrust, Aiimi and Smartbox and have been advised to also consider Mine and Transcend?

Anyone with any feedback or guidance? Also if anyone has smart ideas on redaction solutions?

Should I be worried about quantum-safe encryption today?

Yes62%

No38%

What challenges does your organization face with your penetration testing program?

Sort by:

Content you might like

How often do you survey your organization for new, emerging risks? My company currently does quarterly surveys and I am contemplating dropping it down to 2x/year. Appreciate the insights!

Can you share any effective processes/strategies you’ve used to integrate cyber risk management and enterprise risk management at your org?

Have you inventoried your API footprint?

We need a DSAR solution to reduce time and effort of the currently manual process. We've looked at OneTrust, Aiimi and Smartbox and have been advised to also consider Mine and Transcend?

Anyone with any feedback or guidance? Also if anyone has smart ideas on redaction solutions?

Should I be worried about quantum-safe encryption today?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go

What challenges does your organization face with your penetration testing program?

Sort by:

Content you might like

How often do you survey your organization for new, emerging risks? My company currently does quarterly surveys and I am contemplating dropping it down to 2x/year. Appreciate the insights!

Can you share any effective processes/strategies you’ve used to integrate cyber risk management and enterprise risk management at your org?

Have you inventoried your API footprint?

We need a DSAR solution to reduce time and effort of the currently manual process. We've looked at OneTrust, Aiimi and Smartbox and have been advised to also consider Mine and Transcend? Anyone with any feedback or guidance? Also if anyone has smart ideas on redaction solutions?

Should I be worried about quantum-safe encryption today?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go

We need a DSAR solution to reduce time and effort of the currently manual process. We've looked at OneTrust, Aiimi and Smartbox and have been advised to also consider Mine and Transcend?

Anyone with any feedback or guidance? Also if anyone has smart ideas on redaction solutions?