NordVPN Promotion

Home / Blogs

Ethical Hacking: Turning The Tables to Boost Cyber Security

Hacking remains a huge problem for businesses. As noted by MarketWatch, more than 175 data breaches have already happened this year, and in 2015 approximately 105 million adults in the United States had their personal information stolen. For companies, the stakes are huge: Compromised systems not only damage the bottom line but can severely impact public opinion. While typical cyber security methods—such as antivirus programs, firewalls and threat prediction—offer some protection, there’s another option to discover key vulnerabilities and undiscovered threats: Ethical hacking.

What Is Ethical Hacking?

Think of it like turning the tables on cybercriminals. Instead of waiting for malicious actors to breach your network and cause damage or steal information, you hire professionals to do the job and report their findings. They get a mandate: For example, attempt to breach your system with email phishing or through brute force, and then you let the professionals get to work. Ethical hackers don’t tell you where or when an attack will occur—meaning that just like a real threat it could happen anytime, anywhere. After successfully identifying vulnerabilities or being stumped by network security (by far the rarer of the two outcomes), ethical hackers report their findings to C-suite members and provide recommendations on how to beef up cyber security. Bottom line? You get all the post-attack knowledge of a real data breach with none of the long-term damage.

Why Bother?

Sounds good in theory, but are real companies actually employing ethical hackers to crack their networks and run amok on IT infrastructure? As noted by Tech Worm, that’s exactly what ethical hacker Charles Henderson does every day for tech giant IBM: The company has given him—and his team—a mandate to “pen test” systems and uncover potential areas of compromise.

It works. While on the job for a previous client, Henderson used social engineering and gained entry to its office space. Then he and his team stole confidential digital and physical data, and drove off with this information in a company-branded vehicle. His success was greater than expected, but provided valuable feedback to improve the company’s overall IT security.

Hiring the Right Hacker

How do you make sure you’re hiring the right hacker and not a duplicitous black-hat expert in disguise? Start with a face-to-face interview and in-depth background check. Is your hacker just in it for the thrill and the paycheck, or does the professional demonstrate a real passion for ethical boundaries and “unpacking” malicious code to see how it works? Training is also important: Are prospective hires self-taught or have they enhanced their knowledge with relevant coursework? Look for people trained in disciplines such as advanced pen testing, exploit development and network architecture. It’s also important to consider their broader skillset—do they understand multiple operating systems, have a real interest in understanding your network, and are willing to think outside the box?

Ethical hacking helps put you in control; with the help of the right hacker, it’s possible to transition your network from easy mark to hard target.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Thomas Bayhan, Program Manager at TrainACE

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

DNS

Sponsored byDNIB.com

Cybersecurity

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

Domain Names

Sponsored byVerisign

NordVPN Promotion