Meet the panel
Ted Harrington: Executive Partner, Independent Security Evaluators; Infosec Skills Author
Jeff Peters: Director of Content Marketing, Infosec
Additional training resources
More from Ted Harrington
⮚ How to secure your software faster and better (ebook)
⮚ Ted’s Infosec Resources articles
⮚ How to Do Application Security Right courses (need to create a free Infosec Skills account)
Other free resources from Infosec
⮚ Infosec Skills Monthly Challenge
⮚ Infosec YouTube channel
⮚ Infosec Accelerate Scholarship
Agenda: 10 mistakes organizations make
Challenges: Skills shortage
“Your best option is to take a two-pronged approach: build your own expertise in-house, and also hire an external security team.”
Organizational security
External team
In-house experts
Testing: What methodology?
Black box is a testing methodology that limits information
vs.
White box is a testing methodology that maximizes information
Testing: What type?
“Asking for penetration testing, being sold vulnerability scanning, but likely need vulnerability assessments.”
Scanning
Penetration testing
Vulnerability assessments
Find and remediate issues
“Advanced tactics is where the magic happens. When you go beyond the basics, that’s where the critical-type issues are found.”
Source: Hackable
Let’s talk money!
“No rational person wants anything to be 25 times harder or 10.1 percent more expensive than it needs to be. Yet, companies do this all the time when they choose to bolt on security.”
Source: Hackable
Questions?
15 scholarships. 5 categories. $225,000+ value.
Learn cybersecurity with Infosec Skills
Infosec Skills subscription:
➢ 190+ role-based learning paths (e.g., Ethical Hacking, Digital Forensics, Advanced Intrusion Detection)
➢ 100s of hands-on labs in cloud-hosted cyber ranges
➢ Custom certification practice exams and skill assessments aligned to key cybersecurity roles
Infosec Skills live boot camp:
➢ Live, instructor-led training (in-person or live online)
➢ Free annual Infosec Skills subscription
➢ 1-year extended access to all boot camp video replays and materials
➢ Exam voucher and Exam Pass Guarantee
infosecinstitute.com/skills
About us
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home.
www.infosecinstitute.com

How to do application security right
