Governance & Risk Management , Incident & Breach Response , Security Operations

Pen Testing: How Far Should You Let White Hat Hackers Go?

Attorney Kay Lam-MacLeod Discusses Defining the Goals
Kay Lam-MacLeod, principal, Idealaw

Penetration tests can reveal holes in an organization's security. But framing the scope of a penetration test can be challenging, and good results don't necessarily mean 100 percent security. says attorney Kay Lam-MacLeod.

See Also: The Guide to Just-In-Time Privileged Access Management

In an interview at Information Security Media Group's recent Sydney Fraud and Breach Prevention Summit, Lam-MacLeod discusses:

  • How to define the goals of a penetration test;
  • What a penetration test can and can't reveal;
  • What you should allow white hat hackers to do.

Lam-MacLeod is principal at Idealaw, a technology-focused law firm in Brisbane, Australia. She provides virtual in-house counsel support for IT companies, drafting website documentation, contract and policies. The firm also covers the law relating to e-commerce and intellectual property.

About the Author

Jeremy Kirk

Jeremy Kirk

Managing Editor, Security and Technology, ISMG

Kirk is a veteran journalist who has reported from more than a dozen countries. Based in Sydney, he is Managing Editor for Security and Technology for Information Security Media Group. Prior to ISMG, he worked from London and Sydney covering computer security and privacy for International Data Group. Further back, he covered military affairs from Seoul, South Korea, and general assignment news for his hometown paper in Illinois.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.