1. What if your budget is cut by 50%
- Did you properly classified your projects by priorities and cost ?
- Do you have a list of mandatory and non mandatory projects ?
- Are some projects are just related to Security ?
2. What if you have only one project to motivate for the FUTURE ?
- Innovation ?
- Added value ?
3. Next PenTest can be driven by ‘objectives’, not just Scan & analyze ?
- Get the client database ?
- Get the payroll list ?
- Check internal security awareness and line of defense – Drop USB with fake data inside the organization.