The volume of cyber attacks on federal organizations has gotten to the level that traditional methods have lost their efficacy. If you merely react to an intrusion, the malicious actor has gotten what he wants and has left.

Today, we sat down with Vinay Anand, the Chief Product Officer for a company called NetSPI. Back in 2001, they were founded to improve server, network, and application penetration services. Their initial offering of penetration testing has become so successful that it is being used by nine out of the top ten banks in the United States.

Over the decades, they have learned that true security went beyond penetration testing. They had to take a more initiative-taking approach.

For example, the attack surface back in 2001 was minuscule compared to what is happening today. Covid has encouraged remote access, sensors are everywhere, and cheap storage has allowed malicious actors the opportunity to place code in unimaginable places.

A tech leader must be able to identify and protect the unknown. The first step is to protect the external-facing network and the internal network.

The internal aspects can be controlled by tools classified as Cyber Asset Attack Surface Management analysis. The external system can be examined by an External Attack Surface Management system as well.

That may be a terrific beginning, but this knowledge must be augmented while simulating an attack. NetSPI can assist an agency in developing an attack plan and narrative. That way, they can understand their risk profile and optimize methods to recover from an attack.

During the interview, Vinay Anand gives a terrific overview of the development of different methodologies behind system protection.

 Want to leverage you next podcast appearance? https://content.leadquizzes.com/lp/fk1JL_FgeQ

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/

Want to listen to other episodes? www.Federaltechpodcast.com