… Enterprise security’s remit is defensive in nature: to protect and defend the company’s systems, data, reputation, customers, and employees. But CISOs like [Sara] Madden have been increasingly adding offensive components to their strategies, seeing attack simulations as a way to gain valuable information about their technology environments, defense postures, and the weaknesses hackers would find if they attack.

Now a growing percentage of CISOs see offensive security as a must-have and, as such, are building up offensive capabilities and integrating them into their security processes to ensure the information revealed during offensive exercises leads to improvements in their overall security posture. — Read More