When most people think of a hacker, they think of a dishonest individual who uses techniques to bypass a system’s defenses and steal confidential and sensitive information. Security breaches, data as well as identify theft are all incidents which can occur as a result of a hacker breaking into a system. However, in this modern workplace where information can be distributed and leaked in seconds, there exists the ethical hacker. Sounds like an oxymoron to you? Well, it isn’t! In fact, the ethical hacker is a great asset and help in today’s increasingly technologically (and less human reliant) work place. Known as ‘white hat hackers’, ethical hackers use the same techniques as their less-than-honest counterparts, the ‘black hat hackers.” However, these good guys of cybersecurity do not use their findings to take advantage and exploit any vulnerabilities they discover, rather they document them and then present their client with a plan on how to repair these issues so the company can improve their overall information security and guard their important information. Ethical hacking exists to assess the security of a network or system infrastructure and consists of discovering and trying to exploit vulnerabilities. This helps to determine is unauthorized access or other malicious activities are possible. Poor or improper system configurations, hardware and software flaws (known and unknown) as well as operational weaknesses in technical countermeasures are all places that tend to have vulnerabilities. The history of ethical hacking can be traced back as early as the 1970s. The United States government used groups of experts known as ‘red teams’ to hack into its own computer systems. Since its inception back then, ethical hacking has become a sizable part of the information security market and is rapidly expanding. In fact, many large companies such as IBM employ their own team of ethical hackers and many information security companies offer ethical hacking as a service. It is of great importance as an ethical hacker to make sure they know a company’s service level and code of conduct agreements, which gives specific instructions to how testing will be conducted. For instance, there have actually been incidents of ethical hackers testing a system and discovering vulnerabilities without the owner’s permission. Ethical hacking is also known in the market as penetration testing, as many professional in this field feel that ethical hacking is a contradiction in terms. As this field is advancing and growing so quickly, it is crucial for security professionals to be in top of the latest techniques so they can offer the best services to their clients and stay on the top of their profession. There are many resources available to learn both in traditional classroom formats as well as online. A good free resource is our course lesson on system hacking. These online courses allow the participant to study and learn at their own pace and suit a variety of learning styles.
News & Events
October 2, 2024
October is Cybersecurity Awareness Month, Why Cybersecurity Training is More Critical Than Ever
October is Cybersecurity Awareness Month 2024, so Cybrary is addressing why is cybersecurity training is more critical than ever. During October 2024 Cybersecurity Awareness Month, it’s time to recognize the value that regular, up-to-date training brings to both individuals and organizations
Building a Security Team
September 27, 2024
Digital Forensics and Incident Response: What It Is, When You Need It, and How to Implement It
A quick guide to digital forensics and incident response (DFIR): what it is, when it’s needed, how to implement a cutting-edge program, and how to develop DFIR skills on your team.