Security Expert, Sectra Communications
Leif Nixon is a cybersecurity expert at Sectra with more than 20 years of experience in IT security in all its aspects.
He has deep technical knowledge and a broad understanding of various types of cyber threats, including the geopolitical threat landscape. He has worked 13 years for the Swedish National Supercomputer Centre and among other things he has worked with incident management, intrusion detection, digital forensics and penetration testing.
Leif has also supported police authorities in multiple countries with investigations regarding cyber-related crimes.
Ugh, Penetration Tests: what’s even the point?
There is no common understanding of what a penetration test should be. At worst it is just paying somebody to run a vulnerability scanner against your Internet-facing systems, at best it is a set of realistic attacks against your cyber, physical and human attack surface, based on a thorough threat assessment and risk analysis.
Neither is there any common understanding of why penetration tests should be run, beyond the usual “PCI DSS says so”. I will talk about these issues, highlighted by some of my favourite (and least favourite) moments from past pentest engagements. Oh, and I will demonstrate my invisibility jacket.