mailing list archives
Business justification for pentesting
From: sectraq () gmail com
Date: 30 Aug 2005 16:29:35 -0000
a few classic question that i would appriciate any answers for.
1- i would like to briefly know how to quantify information assets. In other words, i hear a pentester say: if a hacker
breaks in ur network, u will loose up to 40000$ for example. how can he come up with such figures?
2- are there any other means to justify pentesting for management except for $$$?
3- are there any official statistics, figures etc. for justifying pentesting. ther more official it is the better.
4- any other information you guys might find helpful in justifying a pentest would be appriciated.
thnx in advance for ur help.
- Business justification for pentesting sectraq (Aug 30)