3 minutes
Find a white hat by tapping your network and looking for credentials.
Sponsored by CO-OP Financial Services
In today’s complex digital world, so often subject to fraud and security breaches, it can be fairly said that “It takes a hacker to catch a hacker”–a hacker wearing a white hat, that is.
“White hat hackers” or “ethical hackers” are technology good guys, who use their skills to improve security by exposing vulnerabilities before malicious hackers (“black hat hackers”) can detect and exploit them.
White hat hackers can be valuable as consultants to a credit union CIO or CTO in planning effective security strategies and methodologies, identifying and eliminating vulnerabilities, and lending knowledgeable input during vendor selection. They can function as advisors to credit union boards, helping them understand the climate and issues of cybersecurity today.
Hackers can offer credit unions a competitive advantage by providing a unique perspective on technology. The nature of their profession gives them thorough understanding of computer networks. In addition, hackers have a working knowledge of the “darknet,” where much of the hacker mayhem is created and distributed. But it is also a place where ethical hackers can find information that helps them and their clients create state-of-the-art system security.
Where do you find an ethical hacker? As with any search for special knowledge and/or expertise, speak to your data security colleagues who have had prior experience with an ethical hacker. Seek out recommendations from those you know and trust. And, there is a way to do due diligence to confirm personal recommendations.
Believe it or not, professional organizations credential this type of service. One such organization is the EC-Council (International Council of E-Commerce Consultants), a leading cybersecurity certification body. EC-Council’s training programs include Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), and License Penetration Testing (Practical).
Another example is (ISC)2, an international nonprofit membership association focused on a safe and secure cyberworld. It is best known for its Certified Information Systems Security Professional (CISSP) certification, and includes a membership of more than 115,000 certified cyber, information, software and infrastructure security professionals.
Although this might sound overly simple, make sure your white hat candidate can translate hacker tech lingo into clear English that everyone from top management down will understand--the essential skill of any consultant. This, in combination with their technical skills, can make an (ethical) hacker a key resource in protecting yourself against the most determined cyber attacks.
Terrence Griffin is CIO of CO-OP Financial Services, a financial technology provider to credit unions based in Rancho Cucamonga, Calif.
