HOW DOES PENETRATION TESTING HELP WITH GDPR COMPLIANCE

Article 32 of GDPR states that data controllers and processors should implement appropriate “technical and organisational measures to ensure a level of security appropriate to the risk” and that there should be a “process for regularly testing, assessing and evaluating the effectiveness” of these measures to ensure the security of processing.

Regular penetration testing helps to satisfy this requirement.

The Benefits of Penetration Testing

The General Data Protection Regulation (GDPR) came into force in May 2018, and cyber security is at the heart of it, with significant fines and penalties being issued for non-compliance.

The need for regular robust security testing is outlined in the regulation and is therefore essential to compliance.

Failing to regularly test your systems will act as a clear sign to regulators that security is not being taken seriously, and could lead to devastating consequences for your business.

It is advised that you perform penetration tests annually, or when any significant changes are made to your IT estate.

As a minimum, both an external and internal network infrastructure test should be carried out in order to satisfy regulators.

If your organisation has an application that was specifically coded for you, either internally or externally, application penetration testing will also verify that the developers have implemented the proper access controls.

WHAT HAPPENS DURING A PENETRATION TEST?

During our penetration tests, our expert team emulate the attack methodologies and advanced techniques used by cyber criminals and malicious insiders, verifying that all the relevant security controls are in place, or highlighting any weaknesses within the corporate system.

At Arcturus, every customer is provided with a detailed report which acts as an action plan to help you remediate any vulnerabilities. We also carry out a full debrief and work with you to improve your cyber security standing and address any issues before they impact your business.

How we work

Pre-Test

We determine your specific requirements before building a tailored proposal.

Test

Our thorough testing simulates the attack methodologies of today’s most advanced hackers.

Reporting

Our comprehensive reports impart clear, practical advice on how to address any weaknesses.

Review

We offer ongoing support to guide you through the process of securing your applications.

Other services

Application Penetration Testing

In this increasingly interconnected world, security can no longer be an afterthought. Your business, and your customers, deserve strategic security solutions. Learn more >

Network Infrastructure Testing

From managed cloud hosting to colocation services, Cyberfort takes the same approach to cloud as we do with everything else: security first. Learn more >

Cookie Name	Expiration Time	Description
_ga	2 years	Used to distinguish users.
_gid	24 hours	Used to distinguish users.
_gat	1 minute	Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.

_gac_<property-id>	90 days	Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out.
__hstc	13 months	The main cookie for tracking visitors.
hubspotutk	13 months	This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts.
__hssc	30 minutes	This cookie keeps track of sessions.
__hssrc	End of session	Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser.