Kees Stammes Managing Director Securify
25 July 2024


Pentesting, Red & Purple Teaming, and DORA

In the dynamic world of cybersecurity, new challenges and opportunities continually arise. Threats are becoming more sophisticated, regulations are tightening, and the pressure on IT professionals is increasing. Within this context, pentesting, Red & Purple teaming, and the Digital Operational Resilience Act (DORA) are essential for enhancing the resilience of financial organizations.

Pentesting: the foundation of resilience

Pentesting, or penetration testing, forms the foundation of any effective cybersecurity strategy. By attacking systems and networks in a controlled manner, organizations can identify vulnerabilities before malicious actors do. However, the Solvinity Security Report 2024 reveals that many companies still lag in this area.

In 2023, over 10% of surveyed organizations reported having no policy for pentesting. This percentage has since risen slightly to 12%. This is concerning, as the absence of regular pentesting means many organizations have a false sense of security. Our recommendation is clear: start developing a test strategy to enhance resilience.

Red teaming and purple teaming: the boost to resilience

Red teaming goes a step beyond traditional pentesting. While pentesting focuses on finding all vulnerabilities in specific systems, Red teaming simulates a real attack, such as a ransomware attack or an attack to steal information. During a Red teaming exercise, no one in the organization, except a couple of people (the white team), is aware of the test, and it is up to the organization to detect and mitigate the attack.

A Red teaming exercise involves multiple structured phases that the Red team uses to gain insights into both technical and organizational security measures. These phases consist of specific actions that mirror the progression of a real cyberattack, as described by the Unified Kill Chain.

A purple teaming exercise follows the same steps as Red teaming but is conducted together with the organization. This results in high engagement within the organization and allows for immediate improvements by the blue team during the attack, such as creating detection rules.

In our Red teaming projects, we see that nearly every attack succeeds, despite the certifications and audits that larger companies often rely on. This underscores the importance of realistic and rigorous testing. The takeaway is clear: checkmarks and audits form the foundation but do not provide complete protection. Ensure that you test your environment and organization with realistic scenarios and gain experience in responding to them. This provides the ultimate resilience boost for your organization.

DORA: combining pentesting and Red & Purple teaming for a resilient digital future

The introduction of DORA by the European Union marks an important step forward in regulating digital resilience within the financial sector. DORA requires financial institutions to ensure their operational resilience and includes the obligation to regularly conduct pentesting and Red teaming exercises.

DORA emphasizes a broad approach to cybersecurity, meaning that not only technological measures but also organizational and procedural aspects must be strengthened. For many companies, this will require a cultural shift, making cybersecurity an integral part of the business strategy rather than an afterthought.

Recommendations for organizations

Given the complexity and growing threat of cyberattacks, it is crucial that companies take proactive measures to increase their resilience. Here are some recommendations:

  1. Implement a test strategy: Ensure that pentesting and Red and Purple teaming exercises are a regular part of your security strategy. Alongside the annual risk analysis update, an annual update of your test strategy is essential.
  2. Practice makes perfect: Simulate realistic attacks to test and improve your resilience. This helps identify technical and process weaknesses and trains your team to respond to real incidents.
  3. Follow DORA guidelines: Ensure compliance with DORA requirements, including regular evaluations of your digital operational resilience. This involves not only technological improvements but also procedural and organizational adjustments.
  4. Invest in training and awareness: Cybersecurity starts with the people in your organization. Invest in training and awareness to ensure everyone understands how they can contribute to security.
  5. Collaborate with experts: Leverage the expertise of specialized service providers like Securify to test and improve your security measures. We can often identify blind spots that are overlooked internally.

Conclusion

The world of cybersecurity is constantly evolving. With the rise of increasingly sophisticated threats and stricter regulations, it is more important than ever for organizations to implement proactive and thorough security measures. Pentesting, Red teaming, Purple teaming, and adhering to DORA guidelines are crucial for enhancing digital resilience. By embracing and integrating these measures into their business strategy, organizations can better prepare for the challenges of today and tomorrow.

At Securify, we are ready to assist you every step of the way. Contact us for more information on how we can support you in strengthening your cybersecurity posture. Together, we can build a more resilient digital future.
