|
Business Benefits
Spending on Penetration Testing is a long-term value business investment. The benefits go beyond the immediate problem of breach avoidance and information loss.
MWR InfoSecurity Penetration Testing services are designed to enable the improvement of the IT environment and development process. As well as thoroughly testing application components and the infrastructure they reside in we ensure that they are configured for best performance. Therefore, long after any testing and remedial work is complete your organisation will benefit from faster performance, reduced downtime and increased service availability.
Business Risks
Overall cost of a company's worst incident in the last year
Direct Costs of a security incident |
Overall |
Large Businesses
(10,000+ employees) |
Loss of assets, regulatory fines etc. |
e.g. DPA £5k max fine for a conviction in the Magistrates Court and unlimited fines for convictions in the Crown Court |
e.g. DPA £5k max fine for a conviction in the Magistrates Court and unlimited fines for convictions in the Crown Court |
Indirect Costs of a security incident |
Overall |
Large Businesses |
Business Disruption |
£6,000 - £12,000
over 1- 2 days |
£50,000 - £150,000
over 1- 2 days |
| Time spent responding to incident |
£600 - £1,200
2- 4 man- days |
£1,75- - £3,500
5 - 10 man- days |
Direct cash spent responding to incident |
£1,000 - £2,000 |
£3,500 - £5,000 |
| Direct financial loss (e.g. loss of assets, fines etc.) |
£500 - £1,000 |
£3,500 - £5,000 |
Damage to Reputation |
£100 - £400 |
£5,000 - £10,000 |
| Total cost of worst security incident |
£8,000 - £17,000 |
£65,000 - £130,000 |
DTI & PwC "Information security breaches survey 2006"
Technical Improvements
Features |
Benefits |
Perimeter security management |
Enables access control of local networks |
Network intrusion prevention |
Removal of attack opportunities |
Limits access to servers |
Promotes business resilience |
Decreases downtime resulting from attacks |
Reduces maintenance and network operation costs |
Organisational Benefits
Provides both general and specific information about risks and controls
Assists in creating a strong security culture
Improves the effectiveness and consistency of existing controls
Can stimulate the adoption of additional cost-effective controls
Helps reduce the number and extent of information security breaches
|
