Security professionals have long been running penetration tests against their firewalls and other security systems to find weaknesses that need to be addressed.
The Common Vulnerability Scoring System is an industry standard, but has been around for a while.
The bad guys, however, aren’t limiting themselves to the traditional perimeter attacks anymore. They’re using spear phishing, phone calls and on-site visits and other techniques to get at corporate data.
Read full article at CSO. (Free registration required.)