The Case for Ethical Hacking

Mark Goldin

Chief Technology Officer, Cornerstone

When it comes to addressing the threat of cyber attack, companies are starting to borrow from the playbook of their would-be enemies by hacking their own systems before others get the chance.

The practice is called "ethical hacking" and it's an approach that recently gained worldwide attention when it was revealed that Edward Snowden, the American exile who is now hiding out in Russia after disclosing details about U.S. spy operations, received an official certification in ethical hacking while working as a contractor for the National Security Agency.

The reason for the interest in ethical hacking is clear: security concerns are on the rise — both in the public and private sector. To lessen the risk, companies are investing heavily in security services. A 2010 Gartner survey predicted that spending on worldwide security services would reach $49.1 billion by 2015, a 40 percent increase from 2011.

The Case for Self-Inflicting Wounds

While many companies wait until there is a security breach to fix the system, one way to proactively manage a cyber hack is to simply hack your own system before others do. Ethical hackers — the undercover cops of the IT world — are important investments for companies, especially government agencies, financial institutions or others that deal with highly sensitive information. Third-party companies employ these certified hackers to identify holes in a company's IT infrastructure.

Here is how Cornerstone uses ethical hackers to stay on top of digital security threats and assure our customers that our system is impenetrable.

  • We pay third-party professional hacking services to hack our system continuously for two weeks. This is called a penetration test and implements a combination of manual and automatic maneuvers.

  • We have conducted these tests four times a year — timed with new product releases — since 2010.

  • We publish results upon client request. This how we can prove the security of our system.

  • We make sure all red flags that are identified are addressed immediately.

As the spread of cloud-based and other technologies opens up more opportunities for cyber criminals to strike, it is crucial that IT departments be proactive about plugging any holes before they spring a leak.

Gerelateerde bronnen

Wilt u blijven leren? Bekijk onze producten, klantverhalen en de nieuwste branche-inzichten.

AI: de brug die generaties verbindt


AI: de brug die generaties verbindt

Het personeelsbestand van vandaag de dag maakt een snelle transformatie door. Zo hebben in korte tijd de traditionele vijf dagen op kantoor plaatsgemaakt voor al dan niet gedeeltelijk thuis of remote werken, heeft de grote opzeggingsgolf( ook wel Great Resignation genoemd) geleid tot een flinke arbeidsmobiliteit en moeten bedrijven inmiddels strijden om talent in een markt waarin de vraag naar sollicitanten veel groter is dan het aanbod ervan.

Plan een persoonlijk gesprek

Praat met een Cornerstone-expert over hoe wij kunnen helpen met de unieke behoeften van uw organisatie op het gebied van personeelsmanagement.