Strengthening Cybersecurity in the Digital Age: The Synergy of Penetration Testing and ISO/IEC 27001

The thesis examines the inclusion of penetration testing in the regulatory framework of ISO/IEC 27001 and its impact on the cyber resilience of organizations during digital transformation. This scholarly investigation evaluates the effectiveness of penetration testing as a cybersecurity strategy by analyzing its compatibility with the ISO/IEC 27001 standard in a digital transformation context. The main objective is to clarify how this integration influences cybersecurity governance, risk management, and governance structures within organizations. The discussion also encompasses a comprehensive exploration of the ISO/IEC 27001 standard, its implementation, and the associated advantages and challenges in the digital era, emphasizing the importance of a proactive approach to information security. Through thorough analysis, the thesis emphasizes how the combination of penetration testing and ISO/IEC 27001 enhances organizational capabilities to effectively address cyber risks during digital shifts, fostering a culture of information security and strengthening overall resilience.