Governance & Risk Management , Incident & Breach Response , Managed Detection & Response (MDR)

Pen Testing: How Far Should You Let White Hat Hackers Go?

Attorney Kay Lam-MacLeod Discusses Defining the Goals
Kay Lam-MacLeod, principal, Idealaw

Penetration tests can reveal holes in an organization's security. But framing the scope of a penetration test can be challenging, and good results don't necessarily mean 100 percent security. says attorney Kay Lam-MacLeod.

See Also: Hunt Cloud Threats or Be Hunted | CISO Guide to Cloud Compromise Assessments

In an interview at Information Security Media Group's recent Sydney Fraud and Breach Prevention Summit, Lam-MacLeod discusses:

  • How to define the goals of a penetration test;
  • What a penetration test can and can't reveal;
  • What you should allow white hat hackers to do.

Lam-MacLeod is principal at Idealaw, a technology-focused law firm in Brisbane, Australia. She provides virtual in-house counsel support for IT companies, drafting website documentation, contract and policies. The firm also covers the law relating to e-commerce and intellectual property.

About the Author

Jeremy Kirk

Jeremy Kirk

Executive Editor, Security and Technology, ISMG

Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.