If you are not 100% certain?
Are you 95.5%? that is 2 sigma(σ) if you want 99.9999% then that is 6 sigma(σ)
The attackers are coming
check this link:
The link explains what is obvious to all - we need the Internet and the criminal knows that so they will find any mistakes that you made/ are making.
The Criminals are working when you are sleeping in relatively lawless environments trying to find a way to make more money - your money.
Here is a link if you dare to check about the "Russian Carders Army"
A video by McAfee and FBI explaining background of Russian attackers(criminals) http://bcove.me/vchfpcni
I don't know if you understand yet, if you have any problems in your defenses, the hackers will find it, and it is only a matter of time before your company will be hacked, your company will be extorted, your equipment will be used for the criminal ends.
This phenomenon is not new and will not stop.
Risk management failed us - because the system that is not important may have mistakes, and once hacked allows the more important machines to be hacked as well. So risk management failed.
We can no longer make judgements with risk and say this machine is more important and can have less problems than others. ALL machines are important
We can help you MAKE sure that you are as close to 100% certain as possible.
I believe companies need to run a minimal set of vulnerability analysis
Which I explain here:
The idea is to at least cover your basic vulnerabilities with a regular scan, because one has to be perfect, there are too many attacks heading our way for you not to test your defenses with outside help.
Of course you can (and should have a layered defense strategy) like in this link:
Or with Six Sigma (σ)
we need Six Sigma Security
(image from www.simplilearn.com)
And the only way to achieve it is with testing testing testing.
In QA that is how six sigma is performed to 99.9999% error free.