You only ever know if your security works if you test it. A whole industry called Penetration Testing has grown up around companies paying experts to try and break into your company, using both physical and cyber attacks, to test the security. With the reputational damage, lost customers and potential fines that accompany being hacked, it's more important than ever for enterprises to feel confident their security is up to scratch.
Cyber security is an arms race. The bad guys are constantly developing more advanced weapons, and so the bar for developing secure software keeps getting higher. The problem with cyber security is that it's much harder to retrofit security than to build it in from the outset.
When you talk to start-ups who have developed new software platforms, disrupting older incumbents, they mostly talk about usability, speed and cloud access as reasons for customers to swap over. But potentially the biggest selling point they can offer customers is a fundamentally more secure product, by designing modern cyber security principles in from the ground up. There are many examples of large industries where the market leading software is over a decade old. I dread to think how much effort goes into keeping these platforms secure.
Until you try to pick a lock—or until you challenge a password or encryption algorithm—you’ll never really understand how secure it is.