Friday, December 4, 2015

The rise of penetration testing, cyber counter terrorism and hacktivism

Change is on the horizon in the realm of cybersecurity. Biometrics are becoming commonplace as identity authentication tools. Fingerprinting and retina identification technology no longer dwell in the realm of science fiction. The daunting cyberthreat landscape has also done wonders for the value of the cybersecurity market, which MarketsandMarkets predicts will grow from a $106.32 billion value in 2015 to $170.21 billion by 2020

The evolution of cybersecurity is also reshaping traditional notions of the cybersecurity expert, and creating new opportunities for computer technology gurus to put their tech wizardry to good use. 

Penetration testing

In a nutshell, penetration testing is a form of ethical hacking intended to identify holes in cybersecurity so they can be patched before a hacker exploits them. This concept is by no means a recent development. According to an infographic from installCore, the idea of ethical hacking dates as far back as 1939. In the 1960s, specialists began discussing computer penetration, and in the 1970s the first modern ethical hacks were conducted by the U.S. Air Force.

However, it was only in the past six years or so that penetration testing started to transform into a lucrative component of enterprise security. By 2014, many cybersecurity firms had begun incorporating penetration testing into their service offerings. In fact, the U.S. Department of Homeland Security is now providing firms with free penetration testing, according to a recent report from Brian Krebs. 

Alternatively, many cybersecurity firms seek to tap into the talents of the masses by hosting competitions, or hackathons, that provide monetary rewards for any average Joe who finds a new way to breach safeguarded technology. These are extraordinary opportunities for the lucky few who emerge victorious to break into a lucrative career in IT. 

IT expertise can help protect assets in both the virtual and physical worlds.IT expertise can help protect assets in both the virtual and physical worlds.

Cyber counter terrorism

Federal governments are just as susceptible to the malice of hackers as any private company, a fact that has been made extraordinarily clear in the wake of the massive Office of Personnel Management breach. However, some of these hackers may or may not be state-sponsored, and they're not always gunning for governments. As highlighted in a recent blog post from cybersecurity vendor CrowdStrike, Chinese-affiliated hackers have been targeting private companies, possibly in an effort to steal trade secrets. Hacking has always been a matter of national security, but research from the Ponemon Institute revealed that nation-state sponsored attacks are on the rise. In other words, cyberwarfare between nations is becoming a very real thing.

Taking this idea a step further, French President Francois Hollande recently called upon major technology firms to get actively involved in the war on terrorism, according to CBS. He implored technology bigwigs to leverage their vast resources and technological expertise in order to help governments bring down threats to national security. The use of digital resources in an effort to abate terrorism adds a whole new dimension to cybersecurity, as it extends the benefits of technology expertise to combating real-world threats to public safety.  


Hacktivism is a gray area when it comes to the concept of ethical hacking. The most recent example takes the form of a data breach against manufacturer of electronics for children, VTech. According to Wired, 5 million adults and 200,000 children were affected by the hack. As scary as this may seem - especially the latter statistic - the data breach was an act of hacktivism, and the hacker has shared the vulnerabilities with Motherboard. There are doubts as to whether or not the hack would have ever been detected had he not come forward about it. The hacker has said that he has no intention of selling the information, and that his actions were strictly to expose a vulnerability. 

In theory, this hacker may have just prevented an extraordinarily frightening breach. If cybercriminals had beaten him to it, personal information - including pictures - of 200,000 children could have been pilfered and sold on the dark Web. However, that doesn't necessarily mean that what the hacker did, or the way he went about, is ethical, and it most certainly isn't legal. 

Certification is still the best route to success

"Penetration testing is a viable career path for cybersecurity specialists."

Any person seriously considering a career in cybersecurity is highly encouraged to steer clear of hacktivism. There is a greater likelihood of getting caught trying to break into a system than becoming the next virtual Robin Hood or Batman. Likewise, the odds of winning a million dollars in a sponsored hackathon are extremely slim, especially for someone who does not have a computer science background. 

That said, penetration testing is a viable career path for cybersecurity specialists. Anyone interested in penetrating this job market may want to start by looking into network security certification. Cisco security certification and CompTIA security certification are great for those who have moved past the basics or have a clear direction in mind for an IT career path. Network plus certification is also hugely important, as it entails credentials that allow a professional to securely design and manage a vast array of devices.

For more information about cybersecurity-related certificates and other relevant IT credentials, browse New Horizon's comprehensive list of courses and certifications


Categories: Security+, IT Career Development NewsNumber of views: 1833


Theme picker