What is the difference between a Penetration Test and a vulnerability scan?

Duty of Care in a cybercrime world!

We are all connected in today’s world through the invisible and mostly unknown world of the internet.
We do practically everything in “cyber” space, from ordering food and organizing a date to storing our whole lives in bits and bytes.
Email, social media, web and mobility are all driving our world.
Everything is connected to the internet!
So who is responsible for making sure all that information, all of those little bits of information, is safe?
Is it the person who supplies that information?
Is it the organisation collecting and storing it?
Is it the Government’s responsibility?
We all know that it can’t be the people who are collecting and storing the information. The giants of the internet tell us they are just a platform!
We click through all of these legal documents, acceptable use policies, that have been designed to protect them from practically every eventuality.
SMEs don’t have that luxury. Our reputation is our only constant and we need to keep it safe. When it comes to SMEs, ask these questions.
If you are collecting that information – What’s your duty of care?   

Have you done everything in your power to protect that information?
Have you done everything to comply with all of those regulatory requirements that make doing business difficult?
To support your clients, customers and staff, are you protecting their information?
If you are supplying the information – what is your duty of care?
Have you asked the simple question: how much information am I putting out there? When I take a photo and upload it to social media, have I removed the geo tags?
When I get into a conversation with someone on social media, am I checking their “humanness”? Are they really that person?
Am I mistrusting everyone, am I paranoid about everything, am I aware of some of the things that can significantly impact my life, both in the real world and in the digital?
These are the questions that we need to ask and here is some advice.
In today’s world have you done this?
  • “TRUST NO ONE”
  • Be aware
  • Get paranoid and
  • Use some common sense.

Roger Smith is the CEO of R & I ICT Consulting Services, Lecturer at ADFA (UNSW – Australian Centre of Cybersecurity), Amazon #1 selling author on Cybercrime, Presenter for the Business Security Intensive, author of the Digital Security Toolbox and Digital Security Framework.   Rapid Restart Appliance Creator.   He is a Speaker, Author, Teacher and Educator on cybercrime and how to protect yourself from the digital world. 
