Logo Header Menu

How ethical hacking can improve your security posture

Esteban Hernandez, security specialist at Amazon Web Services (AWS), discusses how ethical hacking can play a role in improving your security posture How ethical hacking can improve your security posture image

Cyber security professionals see some threat actors or outside-parties as the enemy. However, challenging this mindset is important; you can better protect your organisation against outside parties if you understand how they think and operate. With this in mind, businesses around the globe have turned to ethical hacking to test security infrastructure and develop stronger, more robust security practices.

Before integrating penetration testing into your security policy, it is important to understand the different types of hackers that exist. Each group has differing motivations, and you must be clear on which of their skills can be used to your organisation’s advantage.

Black hat

Black hat hackers are cyber criminals motivated by personal or financial gain. They range from teenage amateurs to experienced individuals or teams with a specific remit. However, over recent years, several high-profile black hat hackers have refocused on using their cyber skills to protect organisations. An example is Kevin Mitnick, aka Condor, who was just sixteen years old when he gained access to a Department of Defence computer. Following this and numerous other hacks, Mitnick spent five and a half years in prison. Upon his release set up his own company, Mitnick Security Consulting, which now runs penetration tests for clients.

The issue of whether to work with a previous black hat hacker is a contentious one. Some, including David Warburton, senior threat evangelist at F5 Networks, believe that hiring ex-hackers is critical in staying ahead of the threat landscape. However, others are concerned about allowing this group access to corporate systems and customer data. The latter group should, however, consider other approaches to working with hackers.

White hat

Often referred to as ethical hackers, white hat hackers are employed by organisations to look for vulnerabilities in security defences. Despite using the same tactics as black hat hackers, this group has permission from the organisation making what they do entirely legal. While they use their knowledge to find ways to break the defences, they then work alongside security teams to fix issues before others discover them.

Many of the biggest organisations in the world, including General Motors and Starbucks, are turning to white hat hackers to help identify fault lines and proactively enhance security posture. White hat hacking can offer an interesting and lucrative career path for people with technical skills. Drawing attention to the important role white hat hackers play can encourage more talented individuals to take a positive path instead of becoming black hat hackers.

How to boost internal cyber security training

This article will explore how organisations can boost their cyber security training initiatives to ensure staff are sufficiently equipped with the right skills. Read here

Nurturing talent

There are many programmes in place to find, encourage and support the next generation of white hat hackers. Attendees of these conferences can learn how hackers operate and how cyber security experts defend against hackers. The aim is to encourage people with technical expertise to use it for good in their career. By equipping aspiring cyber security professionals with knowledge and skills, they can bake security into infrastructure, from the ground up.

Building on solid foundations

For those responsible for maintaining customer trust and protecting data, an end to end approach to security is critical. As we have seen, working with ethical hackers is a powerful way to view security posture from a cyber criminal’s perspective to identify and tackle vulnerabilities. However, it’s also important to remember that security needs to be baked in throughout an organisation’s infrastructure. This is where partnering with a cloud platform can be beneficial; the best of these are developed to satisfy the needs of the most risk-sensitive organisations. Cloud platforms also offer automated security services, which can proactively manage security assessments, threat detection, and policy management. In so doing, these platforms take on a lot of the heavy lifting for security professionals, including ethical hackers.

Written by Esteban Hernandez, security specialist at Amazon Web Services (AWS)

This article is tagged with: Cyber Security, Ethical Hacking, White hat

Latest news

divider
Data Analytics & Data Science
How to unlock data silos and unleash innovation

How to unlock data silos and unleash innovation

23 July 2021 / Digital transformation has come to the forefront during the pandemic. It’s been rightly lauded as [...]

divider
Cybersecurity
The CISO: the enabler of innovation

The CISO: the enabler of innovation

23 July 2021 / We’re all still living through the personal and professional impact that the COVID-19 pandemic has [...]

divider
Software and Applications
Scaling API management for long-term growth

Scaling API management for long-term growth

22 July 2021 / If networking equipment is visualised as the pipes of the internet, Application Programming Interfaces (APIs) [...]

divider
Business & Strategy
The role of tech in the future of keeping the workforce well post-pandemic

The role of tech in the future of keeping the workforce well post-pandemic

22 July 2021 / As of April 2021, there are 145 million Microsoft Teams users. Things have adapted fast, [...]

divider
AI & Machine Learning
How SMEs in e-commerce can drive value from machine learning

How SMEs in e-commerce can drive value from machine learning

22 July 2021 / Despite the promise of major benefits and positive return on investment, adopting technologies such as [...]

divider
Data Analytics & Data Science
Why we need to unlock the value of public sector data

Why we need to unlock the value of public sector data

22 July 2021 / Recognition of data’s value as a tool for progress in business applications, science and academia [...]

divider
Development & Programming
Tackling developer talent shortage is key to digital transformation acceleration

Tackling developer talent shortage is key to digital transformation acceleration

21 July 2021 / As millions of businesses increase their digitalisation efforts across the globe, the demand for talented [...]

divider
Healthcare
How telemedicine and AI can save time and money for healthcare providers

How telemedicine and AI can save time and money for healthcare providers

21 July 2021 / There’s no denying that Covid-19 has illuminated the promise of artificial intelligence (AI) to the [...]

divider
Blockchain
How the future of business could be built on blockchain

How the future of business could be built on blockchain

21 July 2021 / On paper, blockchain is irrefutable. It delivers transparency, it’s immutable, self-governed, and secure. The only [...]

Information Age

Pin It on Pinterest