Publicación de blog

The Case for Ethical Hacking

Mark Goldin

Chief Technology Officer, Cornerstone

When it comes to addressing the threat of cyber attack, companies are starting to borrow from the playbook of their would-be enemies by hacking their own systems before others get the chance.

The practice is called "ethical hacking" and it's an approach that recently gained worldwide attention when it was revealed that Edward Snowden, the American exile who is now hiding out in Russia after disclosing details about U.S. spy operations, received an official certification in ethical hacking while working as a contractor for the National Security Agency.

The reason for the interest in ethical hacking is clear: security concerns are on the rise — both in the public and private sector. To lessen the risk, companies are investing heavily in security services. A 2010 Gartner survey predicted that spending on worldwide security services would reach $49.1 billion by 2015, a 40 percent increase from 2011.

The Case for Self-Inflicting Wounds

While many companies wait until there is a security breach to fix the system, one way to proactively manage a cyber hack is to simply hack your own system before others do. Ethical hackers — the undercover cops of the IT world — are important investments for companies, especially government agencies, financial institutions or others that deal with highly sensitive information. Third-party companies employ these certified hackers to identify holes in a company's IT infrastructure.

Here is how Cornerstone uses ethical hackers to stay on top of digital security threats and assure our customers that our system is impenetrable.

  • We pay third-party professional hacking services to hack our system continuously for two weeks. This is called a penetration test and implements a combination of manual and automatic maneuvers.

  • We have conducted these tests four times a year — timed with new product releases — since 2010.

  • We publish results upon client request. This how we can prove the security of our system.

  • We make sure all red flags that are identified are addressed immediately.

As the spread of cloud-based and other technologies opens up more opportunities for cyber criminals to strike, it is crucial that IT departments be proactive about plugging any holes before they spring a leak.

Recursos relacionados

¿Desea seguir formándose? Explore nuestros productos, las historias de nuestros clientes y las últimas novedades del sector.

El departamento de IT, el aliado perfecto para su analítica de RR.HH.

Publicación de blog

El departamento de IT, el aliado perfecto para su analítica de RR.HH.

Hoy en día, no se puede hablar de RR. HH. sin hablar de analítica. Desde el primer correo electrónico de contratación hasta la entrevista de salida, los macrodatos están cambiando nuestra forma de abordar y llevar a cabo la gestión del talento. Aunque la base del éxito en RR. HH. —tener don de gentes y una fuerte intuición— sigue siendo relevante, tener una trayectoria profesional en el sector requiere cada vez más una mentalidad "moneyball", en la que la estadística cobra un gran protagonismo.

Concierte una reunión individual personalizada

Hable con un experto de Cornerstone sobre cómo podemos ayudarle a satisfacer las necesidades de gestión de personal particulares de su organización.

© Cornerstone 2024
Aviso legal