Today more than ever, hackers of the ethical variety can be an accepted and integral part of information security teams. There are a growing number of fields that hire ethical hackers, also known as "white hats." These professionals are hired to find and test for potential weak areas in an organization's security system by (hence the name) hacking into it. Find out how to train for and earn the best jobs and career paths for this position.
What is an Ethical Hacker?
Ethical hackers are known as the "good guys" of Internet security, securing an organization's security infrastructure through what's known as "penetration testing." They search and test networks, applications and computer systems to prevent both data theft and fraud, according to PC World.1
The term "ethical hacker," widely reported to have been coined by IBM, helped change the public image that all hackers have malicious intent. On the contrary, many who pioneered the field did so with the intention to make a system and its code work better. And today, most companies use the terms "white hat" and "black hat" to differentiate between those who hack legally and illegally.
What They Do
White hat hackers work in a similar capacity to information security analysts, and in some cases, job responsibilities are the quite similar: According to the Bureau of Labor Statistics (BLS), information security analysts track trends in information security, develop security protocol to guard against breaches and suggest best practices for an organization or network's security systems and procedures. Illustrating how in-demand such roles have become, the BLS projects employment of information security analysts to grow 37 percent from 2012 to 2022, much faster than the average for all occupations.2
While developers and analysts work to stay one step ahead of hackers, white hat hackers work in tandem with them, troubleshooting security code as it's created, or that is already in place, for possible hack entries. IBM's Developer Works reports that penetration testing includes going through the same process a "black hat" hacker would: white hats identify a target, determine its weak points, engage in "exploiting" those weak points and determine how black hats conceal their identity upon entering.3
Industries That Hire Ethical Hackers
In recent years, chief Internet security officers (CISOs) in technology have looked to hire white hat hackers to complete their security teams.4 Though the government continues to be the primary sector that hires them, the banking industry has also looked too white hat hackers to help protect its data. Additionally, more and more mainstream companies, primarily in the tech space, hire white hat hackers and offer "bug bounties," for those who can find a glitch or weak spot in their security, thereby incentivizing ethical hacking.5
Skills and Education Required
Similar to an information security analyst, a good starting point for an ethical hacker is pursuing a bachelor's degree in computer science, information technology, programming, or a related field. Some may also choose to pursue an ethical hacker certification. But a computer-related education is just the foundation. Hackers need to have mastery of a wide array of skills, beginning with technical skills but also including soft skills such problem-solving and communications skills. In addition, white hat hackers must be persistent and be able to think creatively. They must be able to focus for long periods of time and continue to learn about emerging security trends.
Ethical hacking is a fascinating and dynamic field. It combines many overlapping skills as other IT positions, making it a broad-based and exciting career choice.
Ready to take the next step? Learn more about IT security degree programs at AIU.
1. PCWorld "How to Become an Ethical Hacker," on the Internet at http://www.pcworld.com/article/250045/how_to_become_an_ethical_hacker.html (visited 2/3/2015)
2. Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook Handbook, 2014-15 Edition, Information Security Analysts,
on the Internet at http://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm (visited 2/9/15)
3. IBM Developer Works, "System Security and Practical Penetration Testing," on the Internet at http://www.ibm.com/developerworks/security/library/se-practical/ (visited 2/2/2015)
4. CIO.com, "CISOs Look to Hire White Hate Hackers to Head off Security Breaches," on the Internet at http://www.cio.com/article/2375742/it-organization/cisos-look-to-hire-white-hat-hackers-to-head-off-security-breaches.html (visited 2/2/2015)
5. CMS Wire "But Bounty Programs Help Companies Track Vulnerabilities," on the Internet at http://www.cmswire.com/cms/information-management/bug-bounty-programs-help-companies-track-vulnerabilities-027932.php (visited 2/19/2015)