If I am attacked tomorrow, what happens?
Zero risk does not exist. The ANSII and the CNIL now impose to set up procedures to restart your network (PCA/PRA) and to diagnose the impacts of a successful cyber attack (data leakage, viruses still active? etc..). This is why it is important to prevent these risks. In some companies, doing prevention allows to subscribe to cybersecurity insurance policies that can be useful in the case of loss of CA related to a successful cyber attack.
Other questions on the same theme :
- What are the issues that lead to a preventive solution?
- If I have a vulnerability on my network, is it up to you to fix it?
- Where are the cases made? Do you have a label?
- Why do I have to keep paying for a subscription if I have just had all the vulnerabilities in my network fixed?
- Your solution seems very interesting, why has no one proposed it so far?
- If I see too many vulnerabilities, won't I get lost in a pile of information to manage?
- What does Sherlock do vs. other Nessus-type audit tools?