I had to laugh, well kind of anyways, when I saw the following article. Reason being is that I have had clients in the past balk at the cost of my per diem, and by extension the pen-test that I was contracted for. Well, if you factor in the cost of a class action lawsuit, or simple litigation, guess which is by far cheaper. Much as I stated to the client, is that my fee, while four figures, is a heck of a lot less then being sued for not practicing due diligence. Having a yearly pen-test of vulnerability assessment done is no longer an option, but a business necessity.
Technorati Tags: Pen-test, Vulnerability assessment, TJX breach