- This topic has 3 replies, 4 voices, and was last updated 11 years, 10 months ago by
.
-
Posts
-
-
Seems that a reoccuring question is how do I get someone to pay for my training in the area of ethical hacking or pen testing. The short answer is, you have to justify it to the business.
The people that sign off on the training first have to believe that a pen test will provide value to your organization. They need to learn that a trusted person finding an issue is way better than a bad guy. Once they realize that a pen test can help secure your organization you are only a small hop away from convincing them that training you is cheaper than spending all the money on someone else (of course a 3rd party look from a seasoned veteran is never bad).
Here is a good post on the value of a pen test and how to answer those tough questions.
http://howisthatassuranceevidence.blogspot.com/2009/04/to-pen-test-or-not-to-pen-test-that-is.html
-
Nice find. Thanks for the link.
I also found this http://isc.sans.org/diary.html?storyid=6133
-
-
-
- You must be logged in to reply to this topic.
