Testing the waters: The value of ethical hacking for business

Why bug bounty programs are on the rise

Navigating the challenges of cybersecurity can be daunting for even the most prepared of organizations. As Jamie Woodruff, an ethical hacker, said in a presentation at Vibrant Digital Future: “Your infrastructure is only as strong as your weakest employee. From hacking and cracking to social engineering, every team member within your organization is a risk that needs to be managed.”

Paul Farrington, Manager: EMEA Solution Architects at CA Veracode, says that, with the 2017 State of Software Security report demonstrating that 77 percent of applications have at least one vulnerability on initial scan, it is not surprising that large organizations, such as Google and Apple, are setting up their own bug bounty programs, which employ or incentivize ethical hackers to find vulnerabilities in their software applications.

Ethical hackers or penetration testers, like Woodruff, can work with businesses to highlight the pitfalls and possibilities, run penetration testing, and generally help keep them and their data safe. With cybersecurity skills gaps and shortages continuing to impact the sector, bringing in external skills to test systems makes sense.


Demand increases for penetration testers

ISACA’s State of Cyber Security 2017 report found that, while one-third of the respondents note that their enterprises receive more than 10 applicants for an open position, 64% of that one-third indicate that fewer than half of the applicants are qualified. The report went on to note that even skilled resources, “once hired, require time and training before they are fully up to speed and performing their job at a competence level equivalent to others who are already in the enterprise.”
