| Chris Nickerson is your worst nightmare. He's the guy you never see coming, the one who can slip into your data center, install malware on any server he chooses and ease out without so much as a shadow on your security cameras. Nickerson, CEO of Lares Consulting and part of the Tiger Team television series on TruTV, talks about the fun of penetration tests and the risks of outsourcing.
You get paid to break into companies' buildings and networks. Why is that level of assessment necessary?
How did the Tiger Team TV show come about?
With so much code written overseas, how real is the threat of industrial espionage?
What are the biggest mistakes you see companies making?
Going through and deciding what's most critical to stay alive and building your security program off of that is the key, instead of just being PCI compliant. You might be compliant, but if your system is compromised, you're going home without a paycheck. People err on the side of compliance versus security.