A recent cyber simulation carried out by Positive Technology’s researchers found that external hackers breached 93% of organizations’ perimeter networks and on average gained access to internal systems in just two days.

The study covered 45 attack scenarios with Positive’s clients and ran from the second half of 2020 through the first half of 2021. The penetration testing was carried out in real corporate infrastructure and terminated one step before the occurrence of an unacceptable event without harming business processes, Positive said. Events that disrupt technological processes and the provision of services, or result in stolen money and sensitive information, were considered by Positive’s customers to be unacceptable incidents that present the greatest danger.

“In 20% of our pentesting projects, clients asked us to check what unacceptable events might be feasible as a result of a cyber attack,” said Ekaterina Kilyusheva, Positive’s head of research and analytics. “These organizations identified an average of six unacceptable events each, and our pentesters set out to trigger those,” she said. In total, Positive Technologies pentesters confirmed the feasibility of 71% of these unacceptable events.

Read more from MSSP Alert here.