Cyber-risk management is more difficult at organizations today than it was two years ago. So say 73% of security professionals in a recent ESG research survey. (Note: I am an ESG employee.) Why? Survey respondents point to things like the growing attack surface, the rising number of software vulnerabilities, and the increasing technical prowess of cyber adversaries.
How can organizations mitigate growing cyber risks? One common way is to get a better handle on the strength of existing cyber defenses through exercises such as red teaming and penetration testing.
