Pen Testing Remains Vital Tool for Reducing Cyber Risk Exposure According to Core Security Survey | Press Release

Pen Testing Remains Vital Tool for Reducing Cyber Risk Exposure According to Core Security Survey

Posted on March 23, 2022 | Cybersecurity

MINNEAPOLIS —March 23, 2022— Core Security by HelpSystems today announced the results of its third annual pen testing survey. The 2022 Penetration Testing Report identifies industry trends, top security concerns and provides a close look at how cybersecurity professionals are using pen testing in the field. 

•    Three quarters of respondents agree that pen testing is important to their security posture
•    More organizations are using pen testing to verify compliance
•    Phishing, ransomware, and misconfigurations are the most common security concerns
•    Support for pen testing has increased and demand for third-party services remains high

Pen testing enables organizations to proactively detect vulnerabilities and close any gaps in security and its value as a vital cybersecurity tool was acknowledged by professionals in the survey, with 76 percent stating that pen testing was important to their organization’s security posture. 

Three quarters of respondents use pen testing to measure their security posture, while the same number use pen testing for compliance or other external mandates. The latter shows an increase since last year, suggesting that a growing number of organizations need to comply with industry regulations and use pen testing to demonstrate that mandated security measures are working. 

Respondents reported phishing, ransomware, and misconfigurations as their top three security concerns. With ransomware commonly entering organizations through phishing emails, phishing capabilities in pen testing tools were 13 percent more sought after than last year. This year a larger percentage of organizations conducted ongoing phishing simulations to help mitigate this pervasive threat. 

This year’s survey shows stronger organizational support for the sponsorship and funding of pen testing programs, hiring of skilled professionals, and getting others to act on the findings. Third-party pen testing teams remain a popular resource, with 83 percent of respondents leveraging third parties in some capacity. Seeking an external viewpoint and applying fresh expertise to the environment were two main reasons cited for organizations employing these teams. 

“These findings support the vital role that pen testing plays in an organization’s security strategy and give every sign that it will remain a crucial practice for years to come,” said Mark Bell, Managing Director, Infrastructure Protection at HelpSystems. “Threats such as phishing, ransomware, and inattention to specific environments are concerning, and putting your organization to the test on a regular basis is the best way to ensure you’re continuously reducing your cyber risk exposure.” 

Download the full report here.

About HelpSystems 
HelpSystems is a software company focused on helping exceptional organisations secure and automate their operations. Our cybersecurity and automation software protects information and simplifies  IT processes to give our customers peace of mind. We know security and IT transformation is a journey, not a destination. Let’s move forward. Learn more at

Media Contacts 

North America: 
Angela Tuzzo
[email protected]

Lottie Hutchins
[email protected]


Recent News
June 16, 2022

What are the cybersecurity threats small-business owners need to be aware of and how can they be addressed? 

May 30, 2022

What can cybercriminals do with your stolen information and how can you protect yourself from being a victim of this rising crime? Writing for Forbes, cybersecurity expert John Wilson of HelpSystems provides six steps to help guard against identity theft.

May 24, 2022

By 2024, it’s predicted there’ll be more than 400 million connected vehicles in use around the world. In Automotive Industries magazine, Aviram Jenik discusses the implications for cybersecurity and looks at how rigorous testing and standard protocols can elevate the safety of these fast-evolving vehicles. 

May 23, 2022

Vishing (voice phishing) cases have increased almost 550 percent over the last twelve months (Q1 2022 to Q1 2021), according to the latest Quarterly Threat Trends & Intelligence Report from Agari and PhishLabs, both of which are part of the HelpSystems cybersecurity portfolio. 

May 19, 2022

Digital Guardian has been recognized as a Trust Award finalist in the Best Data Security Solution category for the 2022 SC Awards. Finalists are recognized for outstanding solutions, organizations, and people driving innovation and success in information security.