Your organisation’s internal network is exposed to both external and internal breaches. External intruders who breach your perimeter defences and resentful internal stakeholders who attempt to damage or leak sensitive information are both equally concerning threats to your business. It is therefore just as crucial to regularly test your internal network as it is for your external network.
Internal penetration testing allows you to test if an attacker can access your network internally to perform unauthorised disclosure, misuse, alteration or destruction of confidential information including Non-Public Personal Information (NPPI).
In accordance with IT security best-practice, CNS recommends that organisations perform an internal penetration test as part of their regular security testing to ensure the security of their internal network.