ILLUMINATION Book Chapters
Digital Intelligence — Chapter 13
Leveraging Ethical Hacking for Cybersecurity Requirements of Digital Ventures
Chapter 1, Chapter 2, Chapter 3, Chapter 4, Chapter 5, Chapter 6a, Chapter 6b, Chapter 7a, Chapter 7b, Chapter 8, Chapter 9, Chapter 10, Chapter 11, Chapter 12, Chapter 13, Chapter 14, Chapter 15, Chapter 16, Chapter 17, Chapter 18, Chapter 19, Chapter 20, Chapter 21
Like any business organization, digital ventures need to include cybersecurity in their business vision, mission, strategy, and operational tactics to survive and thrive. This is a broad topic but I provide essential considerations for technology leaders responsible for the success of digital ventures.
Every aspect of technology and online business relates to cybersecurity. It is a particular interest in Cloud Computing, IoT, Mobility, Big Data, and analytics services.
Even though this chapter is about cybersecurity, the principles also apply to overall Technology security. My aim is to create awareness for security and privacy which are tightly related topics. When security is compromised, privacy is most likely conceded too. For example, a minor security issue caused millions of Facebook account details to leak to the public domain recently.
Cybersecurity is a massive security domain and touches every aspect of security management, including identity management, authentication, authorization, and several other areas.
Related to advanced business and technology security, emerging blockchain initiatives unfold critical security requirements that digital ventures should consider.
Apart from adding appropriate measures for security, digital ventures should also consider the concept of ethical hacking to increase security intelligence and contribute to the overall digital intelligence of ventures.
The purpose of ethical hacking in digital ventures is to identify vulnerabilities in the systems, tools, and solution building blocks.
Early identification of vulnerabilities and resolving them promptly require deep security and cybersecurity expertise for ventures. The security team members need to take ethical hacking education and practice their learning in the workplace.
Ethical hacking requires broad security knowledge and technical specialty in several domains. For example, security functions such as authentication, authorization, accounting, and auditing are critical functions for introducing an ethical hacking process in the venture.
Ethical hacking is an antidote to criminal hacking.
Criminal hackers manipulate data, information, knowledge, assets, money, and the reputation of people and organizations for various purposes.
As opposed to criminal hackers, ethical hackers empower business processes and people. They improve conditions, resolve security issues, address vulnerabilities, and reduce the risk of threats.
To achieve these critical goals, ethical hackers must be more knowledgeable and skillful than criminal hackers. Some professional, ethical hackers are more knowledgeable and skilled than criminal ones. In other words, ethical hackers must outsmart criminal hackers to serve digital ventures.
Ethical hackers use various security management tools. One of the prominent tools is the packet analyzer, aka sniffer, in the technology sector and security communities. A sniffer can be software or an appliance intercepting packets in the network and capturing network traffic as communication packets.
Digital ventures may need an ethical hacking process for auditing and corrective actions to meet rigorous industry compliance requirements.
The ethical hacking process covers six broad domains and expertise in digital ventures from my experience in the field. They are architecture and design expertise, industry awareness, core security expertise, analytics, technical capability, and interpersonal and business stakeholder expertise.
I want to touch on each domain and expertise within the ethical hacking context. The purpose is to guide the capability requirements of ethical hackers in digital ventures.
Ethical hackers are technical specialists. However, they need to understand system architecture and design constructs. Awareness of architectural governance schemes is crucial for ethical hackers. They must be capable of seeing the big picture in the venture.
Knowledge of the business processes, consumption model, application landscape, data platforms, and practices helps them to see the big picture.
Industry knowledge and expertise are also critical to seeing the big picture. They need at least to understand the rules and regulations in venture industries.
In addition to the big picture, ethical hackers also need to dive deep into details of comprehensive security and cybersecurity components. Their expertise must cover all components, and their skills must be up-to-date. An awareness of security issues and threats at the global level is a must.
Analytics is an essential cybersecurity function. To this end, ethical hackers must be capable of analyzing systems, hosting infrastructures, networks, design solutions, business applications, data, and databases. These areas require a sharp eye for detail.
Digital ventures consist of many applications written in various programming and scripting languages. Thus, ethical hackers should be able to understand coding and scripting for languages used in the venture’s applications.
They need to possess core hacking techniques such as sniffing, scanning, reverse engineering, disk and memory forensics, and vulnerability analysis.
Knowledge of operating systems is also essential. Many ventures use multiple operating systems proprietary as well as common ones such as Linux, Windows, Unix, ZoS, Android, macOS, and iOS.
Every digital venture has a network and is connected to several other networks. Thus, networking and internet-working skills are critical for ethical hackers.
They need to understand network protocols, wireless protocols, network architecture, infrastructure frameworks, network application patterns, network devices, networking functions, network management tools, connectivity flows, mobility, data communications, and integration of local and wide area networks.
Data is bread and butter for digital ventures. Hence, ethical hackers must find effective ways to deal with data sets from many angles. They need to understand data platforms, practices, storage, data lakes, data lifecycle management, databases, information processing, and expert knowledge systems, especially in artificial intelligence initiatives.
Besides, these specialists must possess skills for dealing with Big Data and analytics in growing ventures, especially for special forensic investigations.
Mobility is embedded in digital ventures. Ethical hackers must understand the digital technologies, mobile networks, and mobile workflows in the venture’s networks, including their protocols and device relationships.
Ethical hackers have a broad understanding of the mechanisms and implications of emerging technology stacks such as IoT (Internet of Things), Cognitive Computing, Cloud Computing, Edge and Fog Computing, Artificial Intelligence, and Big Data Analytics.
The key differentiating factor of ethical hackers from criminal hackers is their interpersonal skills. These talents must be of a caring, trustworthy, and reliable nature. As opposed to criminal hackers, ethical hackers must empathize with employees, sponsors, and consumers. They need to act non-judgementally and be approachable to people, always guiding for corrective actions.
Digital ventures can have multiple stakeholders at different levels. Ethical hackers must have exceptional stakeholder management skills. They should be able to communicate at all levels and speak the business language rather than technical jargon. Business stakeholders expect them to articulate risks, issues, and dependencies at technical and business levels.
In these ventures, ethical hackers work with the technical team and liaise with project managers, product owners, legal departments, and business executives. Understanding the processes, methods, and tools of projects is essential for ethical hackers.
Ventures may need urgent assistance, guidance, and action in critical situations. This is called incident management.
Thus, as most skilled security experts, ethical hackers focus on incidents urgently and spend very little time in problem management, which includes root cause analysis for resolution. During critical incidents, they rapidly identify risks, issues, and dependencies and only contribute to problem management after the incidents are resolved.
Finally, sponsoring executives in digital ventures may need the input of ethical hackers to create new solutions in the invention and innovation process.
To conclude, security and particularly cybersecurity, is a critical business factor in digital ventures.
The ethical hacking process and leveraging the necessary capabilities of ethical hackers can help the ventures address incidents, resolve the problems, prevent threats, and produce with an innovative mindset iteratively and consistently.
Thank you for reading my perspectives.
Other chapters
Chapter 1, Chapter 2, Chapter 3, Chapter 4, Chapter 5, Chapter 6a, Chapter 6b, Chapter 7a, Chapter 7b, Chapter 8, Chapter 9, Chapter 10, Chapter 11, Chapter 12, Chapter 13, Chapter 14, Chapter 15, Chapter 16, Chapter 17, Chapter 18, Chapter 19, Chapter 20, Chapter 21
ILLUMINATION Book Chapters is edited by Claire Kelly, Ntathu Allen, Karen Madej, Britni Pepper, Thewriteyard, Maria Rattray, Dr. Preeti Singh, John Cunningham. If you want to contribute as an editor please contact me.
If you have books or manuscripts and own copyrights, please contact us by sending a request with your Medium account ID to contribute to ILLUMINATION Book Chapters. We will publish your book chapters in story format. Leveraging this initiative not only generates passive income, but you also can gain new readers.
Sample Stories for New Readers
In addition to my full-time consultancy job, I am a prolific writer with 40+ years of experience and the author of multiple books. I write on eclectic topics. Writing is my passion and hobby giving me therapeutic and monetary value.
Here is a short list to give you a quick taste of my recent stories.
I Don’t Make Money by Selling My Time Anymore for Three Reasons
Sugar Paradox: Key to Solve Metabolic and Mental Health Disorders
Cholesterol Paradox and How It Impacted My Health Positively
Three Tips to Boost Nitric Oxide and Lower Heart Disease/Stroke Risks
Why 442 Million People Live Diabetic and What We Can Do About it
I wish I had Gone Self-Employed 40 Years Ago for Three Reasons.
Ten Hobbies Enhanced the Quality of My Life over the Past Five Decades
What Would Happen if We Set Healthy Boundaries for Emotional Maturity?
An Overweight Man Called Me “Crazy & Freak” in the Butcher Shop Today
I wrote about nutrients like citrulline malate, biotin, lithium orotate, alpha-lipoic acid, n-acetyl-cysteine, acetyl-l-carnitine, CoQ10, NADH, TMG, creatine, choline, digestive enzymes, magnesium, hydrolyzed collagen, nootropics, pure nicotine, activated charcoal, Vitamin B12, Vitamin B1, Vitamin D, Vitamin K2, and other nutrients that might help to improve health and fitness.
Disclaimer: This post does not include health or professional advice. I only documented my reviews, observations, experience, and perspectives to provide information. If you have disease symptoms, please consult your healthcare professionals. Health is the responsibility of individuals.
About the Author
Thank you for subscribing to my content. I share my health and well-being stories in my publication, Euphoria. If you are new to Medium, you may join by following this link.
You may also join my seven publications on Medium as a writer requesting access via this weblink.
I write about health as it matters. I believe health is all about homeostasis. I share important life lessons from people in my professional and social circles.