Ethical Hacking In The Business World
Image by anoldent via Flickr
May 14th, 2009
Hatchet-Man
I like to think that the term ‘hacker’ comes from using a hatchet to make the corners of log cabins fit together, like the fine cuts you see over to the right. Hacking is an attitude – and if you ever talk to a real hacker you get that right away. They may be a little strange sometimes, but they are there to build things, not tear them down.
In the 21st century, though, the term has been co-opted to mean something entirely different. The media refers to “hackers” who release computer trojans, spyware and other malware on the world. These folks aren’t hackers in the true sense, but I am certain they think they deserve the title.
Ethical Hackers
A true hacker is always ethical, but in this day and age we have to make a distinction, and most people aren’t comfortable thinking of malware creators in terms of “crackers”. They were given this name by the real hackers, years ago, because their intent at the time was usually to break things, to ‘crack’ a code.
Now that you know the difference, let me say that I will be using ‘hacker’ in its currently accepted form. I’m about to tell you how to learn what they know and more, how to use their own tactics against them without their knowledge, how to earn the credentials of a Certified Ethical Hacker and how to use all that to perform advanced security audits for any business on the planet.
Get The Certification
It’s a common misconception to think of hackers as just some geeky kids living in their mom’s basement. This may have some basis in fact in the distant past, but today many of them have studied long and hard to learn their craft. After all, it pays well when it works. As more malware is released on the world, a need is created for professionals who have those same skills and can defend against them.
The first step towards becoming that professional is educating yourself. Hopefully, you already know a bit about computers, networking, and the internet. If you’re comfortable discussing TCP/IP and you know what a node is, your next step is getting the specific training you need to win in a battle against the bad guys.
Image by anoldent via Flickr
And you’ll want a certification from a respected source, like the EC-Council. Their certificates are recognized worldwide(in over 60 countries) and have received endorsements from various government agencies including the US National Security Agency (NSA) and the Committee on National Security Systems (CNSS). Their certification shows that you not only know what you’re doing, but that you’re doing it Ethically as well.
The IT Guys And Security
Face it, if the “IT Guys” could handle this, they would. The obvious fact is that they can’t. Now before you get all riled up, understand: I have been an IT guy. And in that capacity, I had to make sure each individual pc worked, was able to access the network(which had its own set of problems) and talk to other operating systems and the internet, make sure your email gets to you, remove the paper from the copier, answer (for the 50th time) some random question about computers or the web/iphones/ipods/nintendos…. you get the picture.
IT guys have about enough time to set up layers of defense and automated monitoring tools and then hope everything works. They don’t have time to actively try to break into their own IT Security. Even if they did have the time, the best practice would be for someone else to test security. The guys who set it up will be biased in favor of their own work, and may not ‘try’ hard enough.
As an ethical hacker, that’s where you come in. Companies and governments are constantly in need of people they can trust, to hire as consultants or full time. You’ll be the quality control check for the IT guys, using all the tools at your disposal to help them plug the holes in their security. Like James Dean, you’ll be the ‘bad boy’ everybody loves.
The Bottom Line
Yeah, that’s what I’m talking about – the cash. I might like working for a little bit of nothing, but there’s no reason you should. As an
Ethical Hacker you can expect to command a professional’s salary.
Image by anoldent via Flickr
As time has passed and more malware has been released into the wild wild web, the need for Certified Ethical Hackers is only going to increase. Compensation is on the rise.
But, even more than that, as a Certified Ethical Hacker you are recognized immediately as one of the ‘good guys’. You’ll be the guy with the white hat. Respect from your peers, your employers, your clients and your family and friends – how do you put a value on that?
Some folks will tell you the only way to get ahead is ‘looking out for Number 1′ but I’m here to tell you, the BEST way to get ahead is to look out for those around you. As a Certified Ethical Hacker, you can actually do both. If you’re looking for the next step in your IT career, this may be it.
Get Your Feet Wet
You’re still reading, so I’m thinking you’re interested. Let me give you an honest, personal recommendation: Head over to the EC-Council and check out what they have to offer. I first found these guys several years ago and I believe in what they’re trying to do. (If it was any other way, I’d never write this for any amount of money.)
Over at their site you’ll see lots of information, and it can be daunting to a 1st-time visitor. Spend a few minutes looking around the site. If you’ll scroll down you’ll see links to some news items and some brief introductions to the site.
If you’re pretty sure you want to learn this stuff, you might want to check out their free introductory classes. Look over there on the right side of their page, you’ll find the links to those courses.
Image by anoldent via Flickr
If you decide to sign up for the full course load, you’ll be learning things like
-Security Fundamentals
-Ethical Hacking
-Penetration Testing
-Computer Forensics

-Disaster Recovery
-Secure Programming
-The Hacking Cycle
Why not head on over there right now and check it out? Get your feet wet with a couple of the free online classes. After you’ve had a taste of what’s involved, sign up for one of the full courses and start working on your certification.
After all, the system you protect might just be the one you’re using right now.
For more information use the links below.
http://iclass.eccouncil.org/
http://iclass.eccouncil.org/index.php?option=com_content&view=article&id=68&Itemid=91
http://www.eccouncil.org/ceh.htm
http://www.isc2.org/
http://www.comptia.org/
IT Security
Recommended by Jon
Get The Free RSS Feed!
*OR* Get Wordout sent to your EMAIL! 
**AND** Add to Technorati Favorites
