How Cybersecurity Benefits from Hackers

Uploaded on 2017-06-14 in FREE TO VIEW, NEWS-News Analysis, TECHNOLOGY--Hackers

With the number of cyber-crimes climbing every day, and the costs of each cyber-attack higher than the last, the word “hacker” has come to carry a very negative connotation. 

Business owners who are afraid of litigation cringe when they hear the word. Private individuals who are worried their identities will be stolen, or who have already had their identities stolen before, get sick to their stomach at the thought.

While it’s true that cyber-crime damages everyone involved, there are at least a few ways cybersecurity can benefit from the existence of hackers. That’s not to say that there is anything good or proper about stealing people’s data; however, there are at least a few silver linings to the cloud that is cyber-crime.

Exposes vulnerabilities that need to be shored up

Let’s make one thing clear from the start: when a company is hit by a cyber-attack, it’s awful for them. It throws their entire company into disarray, often corrupting entire databases or even throwing the company’s continued use of a digital business platform into question. But when a cyber-attack hits, particularly when it strikes a company that’s in the public eye, the event presents cyber security professionals with a valuable opportunity.

When cyber criminals finally make a move on a company, they show their hand. The event boosts public awareness, often leading other companies to increase their own cyber security issues. 

Meanwhile, cyber security professionals are able to take a look at the pathways the hackers used to enter the victim’s network. With the vulnerabilities exposed, they can work to close those vulnerabilities, removing them as a potential entry point and improving security for everyone else. Much like the way the human body responds to an infection, the cyber security community produces defenses to prevent similar infections in the future.

This is one of the reasons it’s so important for businesses to keep their security software updated regularly. As security firms find ways to defend against new types of attacks, they will release patches and updates to their security products. When businesses update their security software, they benefit from the new protections.

White Hat Hackers

While most people picture all hackers as criminals in dark rooms doing whatever they can to break into company networks and steal data, not all hackers are actually criminals. Sometimes, organisations will actually hire a hacker that they have vetted ahead of time.

These “white hat” hackers will attempt to break into the company’s network in order to find vulnerabilities before less scrupulous hackers find and exploit them. They point these vulnerabilities out to the companies that hired them, and the organisation goes to work fixing those vulnerabilities. By having someone they trust try to break in, companies can find the gaps in their security without risking any actual data loss. 

While these white hat hackers use the same methods as those of the black hat variety, the motives of the two groups are very different.

Huge companies like Google, Facebook, and even Microsoft offer “bug bounties,” large rewards to be paid to hackers who find serious vulnerabilities in their software platforms. With these vulnerabilities brought to light, the companies can then focus their data loss prevention efforts into shoring up their software’s defenses before cyber criminals are able to exploit the revealed weaknesses.

Open-Source Projects

To put it simply, many of those who identify themselves as “hackers” are very talented programmers. The creators of some of the most well-known software are self-proclaimed hackers. Among these hackers-turned-programmers are Mark Zuckerburg, founder of Facebook; Linus Torvalds, the creator of Linux; and Tim Berners-Lee, one of the driving forces behind the creation of the World Wide Web.

Often, these programmers will seek a solution that doesn’t involve working with one of the entrenched proprietary software companies. Instead, they will create open-source projects, where the source code is made publicly available. The programming community, including several who identify as hackers, work together to produce software solutions that is available to everyone. 
Even people who never use open-source software benefit from these projects, as the public community will often create new innovations that the proprietary companies either use for inspiration or simply copy outright.

While black hat hackers are typically a blight on the tech community, they’re not the only type of hackers out there. White hat hackers work hard to improve security, and there are many former black hat hackers who have reformed and now work to keep people’s data safe. At its heart, the world of hacking is much more complicated than people realise.

CTOVison:

You Might Also Read:

Directors Report January 2017. Cyber Security Checklist For Management (£):

Stop Data Breaches, Start With Databases:

Hack Headlines Cause Financial Damage:

 

« Russian Cyber Gang Arrested By …. Russia
Small Businesses Should Consider Cyber Insurance »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Varonis

Varonis

Varonis provide a security software platform to let organizations track, visualize, analyze and protect their unstructured data.

Westminster eForum

Westminster eForum

Wesrtminster eForum runs a series of conferences on matters relating to the UKs Digital Strategy. Topics include Smart Cities and Cyber Security.

Bunifu Technologies

Bunifu Technologies

Bunifu Technologies is an Information Security and Custom Software Development Company.

Ponemon Institute

Ponemon Institute

Ponemon Institute conducts independent research on data protection and emerging information technologies.

RangeForce

RangeForce

RangeForce delivers the only integrated cybersecurity simulation and skills analysis platform that combines a virtual cyber range with hand-on training.

Lightship Security

Lightship Security

Lightship Security is an accredited Common Criteria and FIPS 140-2 IT security testing laboratory that specializes in test conformance automation solutions and IT product security certifications.

OCM Business Systems

OCM Business Systems

OCM are experts in the safe, secure and responsible disposal of IT & EPoS assets.

YesWeHack

YesWeHack

YesWeHack offers companies an innovative approach to cybersecurity with Bug Bounty (pay-per-vulnerability discovered) to identify and report vulnerabilities in their systems.

TekSek Cyber Security

TekSek Cyber Security

Preparing you for tomorrow's security threats.

Phakamo Tech

Phakamo Tech

Phakamo Tech offers a full set of governance, risk, compliance, cybersecurity and Microsoft Cloud services that include consulting, planning, implementation and cyber incident response.

Technisanct

Technisanct

Technisanct works with Governments, especially Law Enforcement and Defence agencies, helping them in monitoring threats, managing their data and resolving their forensic needs.

Condition Zebra

Condition Zebra

Condition Zebra has wide experience in providing IT Security Services, Training, and Certification in the field of cybersecurity.

Factmata

Factmata

Factmata is an social and news media monitoring and analytics product that uses AI to identify and track narratives online, highlighting those most likely to cause brand harm or misinform the public.

FortiGuard Labs

FortiGuard Labs

FortiGuard Labs is the threat intelligence and research organization at Fortinet. Its mission is to provide Fortinet customers with the industry’s best threat intelligence.

Orpheus Cyber

Orpheus Cyber

Orpheus Cyber provides predictive and actionable intelligence to our clients - enabling them to anticipate, prepare for and respond to the cyber threats they face.

42Crunch

42Crunch

42Crunch provides API security testing and threat protection. We proactively test, fix and protect your APIs from development to runtime.