Fraud Prevention Series: What is Ethical Hacking?
September 8, 2020
We hear about hacking (unauthorized access to data in a system or computer) on the news often. But did you know that there are professionals with the same skills working to help companies reduce the chances of being hacked? These professionals are known as ethical hackers. But what is ethical hacking?
What is ethical hacking?
Ethical hacking is defined by the National Institute of Standards and Technology (NIST) as follows:
“Security testing in which evaluators mimic real-world attacks in an attempt to identify ways to circumvent the security features of an application, system, or network. Penetration testing often involves issuing real attacks on real systems and data, using the same tools and techniques used by actual attackers. Most penetration tests involve looking for combinations of vulnerabilities on a single system or multiple systems that can be used to gain more access than could be achieved through a single vulnerability.”
Bringing ethical hacking to MSUFCU
The ethical hacking team at MSUFCU asseses the organization’s exposure to system vulnerabilities so that protections can be implemented before an attacker could exploit them. MSUFCU’s Ethical Hacking Manager Sean Verity believes significant vulnerabilities are becoming much harder to come by, which is a good indication that the Credit Union is effectively investing resources to proactively reduce exposure to cybercriminal activity.
Testing, testing, and more testing
The Credit Union follows best-practice testing frameworks to ensure testing is rigorous and comprehensive. Proficiency is developed through specialized training and by regularly attending some of the best hacker conferences available.
Ethical hackers perform one tpiece of the pie to keep MSUFCU secure. It takes a team of highly-skilled security professionals, technology professionals, and employees outside of the technology space to keep the Credit Union safe.
Tags: Fraud Prevention Series, Security, Tips and Tricks