When you hear the term ‘hacker’, what springs to mind?
It’s got to be said that hacking doesn’t always have the best reputation, but we’re here to change your perception forever.
In a recent UKFast webinar, our panel of experts discussed the advantages of ethical hacking and how it protects UK businesses from ‘the bad guys’.
Our Director of Training and Education Arlene Bulfin was joined by Stephen Crow, Head of Defensive Securities and Technologies at UKFast, and Paul Mason, cybersecurity expert and Head of Education at Secarma, in a discussion that covered everything businesses need to know about ethical hacking.
Here are a few of the highlights.
Being an ethical hacker himself, Paul kicked off the discussion by telling us what he means by the term ‘ethical hacker’.
He said: “An ethical hacker is a cybersecurity consultant and penetration tester rolled into one. We learn all the same skills as malicious hackers, then use these skills to attack companies (with their consent) so we can find the problems in their systems and fix them before the bad guys exploit them.”
These professionals are able to find any vulnerabilities in your systems, services or products by testing them rigorously, then advising what you can do to improve your security. Paul Mason told us about how organisations are assessed and that successful testing is all about getting into the ‘criminal mindset’.
He said: “Penetration testing is widely used to spot holes and vulnerabilities in a business, but we also carry out time-limited tests to cover the basics for companies who perhaps can’t invest in a full penetration test.”
He added: “If a company comes to us with a new web application that’s about to launch and asks us to test it, then we scan its servers and, in some cases, hack its web applications, but really we’re just mimicking the bad guys so we can get there first and shut down any problems.”
Stephen and Paul both agreed that all businesses, no matter your size, can always do more to improve security.
Stephen said: “I think it always comes down to what data businesses are storing and what value it holds for them. Businesses that truly value their data are always looking to improve.
“For SMEs especially, it’s about affordable and effective security measures. Using free tools, such as vulnerability scanning, which shows any vulnerabilities within the platforms you are using, is a great way to start.”
A secure team is the key to a secure business, something we’re keen to drive home at UKFast. So what are Stephen’s top tips for developing a secure employee culture?
Stephen advised that “awareness training is one of the biggest things for businesses to focus on.”
He said: “Whenever someone starts at your company they should be made aware of all the relevant cybersecurity issues and then refreshed either every six months or annually. This training needs to be updated to bring people up to speed with relevant issues.”
Stephen also warns against having an open BYOD policy. Uncontrollable devices connected to your network could infect your systems or leave you open to attack.
Of course, this is but a snapshot into the discussion of ethical hacking. So, if you want to know more about how to tackle the threat of phishing emails, keeping your business network safe from employee devices and how to keep up with new security developments, why not watch our webinar on demand?
Watch our FREE on-demand webinar “Ethical hacking: What are the potential threats to your business?”