With cyber attacks on the rise, how can you ensure your organization’s digital work space is secure? More and more, companies are looking to train or hire an ethical hacker for help in finding and fixing security issues. Ethical hackers, also referred to as “white hat” hackers or bug bounty hunters, find flaws to help companies instead of exploit them (Sharma, 2016). While some major companies such as Facebook and Google offer rewards programs open to any interested ethical hackers, not everyone is sold on the idea.
So what does an ethical hacker do? With your permission, ethical hackers test your system as an unethical hacker would, and report on findings so any problems may be fixed. In order to stay updated with the latest skills, however, ethical hackers often disguise themselves in order to gain information from the underground. Knowing that they come in close contact with malicious hackers in doing so can be enough to make some uneasy about hiring an ethical hacker.
Some “grey hat” hackers fall in between the spectrum of ethical and unethical hackers, finding vulnerabilities legally or illegally and then sharing that information with other hackers as well as officials. One may seek out these hackers to learn from their findings, or even attempt to follow in their footsteps. Some companies allow their own security experts to venture into the domain of grey hacking, though they must be extremely careful to obtain information without making themselves vulnerable in the process.
Your company can take multiple routes when it comes to defending your network; hiring an ethical hacker or supporting ethical hacking from within are just a few options to consider. Ultimately, the choice you make depends on what best protects your company.
For tips on ethical hacking for your company’s technical professionals, check out IEEE’s new course: Hacking Your Company: Ethical Solutions to Defeat Cyber Attacks.
References:
Conran, B. (2014, March 1). Why not to hire an ethical hacker. Security Magazine.
Sharma, S. (2016, April 1). Bug bounty hunters and the companies that pay them. Gadgets 360.
No comments yet.