IT Security professionals must eat, drink and live IT Security all the time
Imagine a young black-hat hacker, probably in his teens, who infiltrates systems and steals data from many different computer systems. He finally gets caught, and after facing the charges and maybe even jail time, he comes back to his passion of testing systems for vulnerabilities.
But this time he does it with a purpose, to secure the systems from the same type of cyber criminals he used to be. This is one of the most classic stories of black-hat hackers in the recent decade.
The general public is often curious why someone does that, what is the reason they bring mess, harm, steal or just mock a certain political figure.
“Black-hat hackers have a very different mentality, and unless you put yourself in “that” mindset, you can’t understand it.” – says a software engineer and a former hacker, Cal Leeming.
The reasons black-hat hackers do what they do are often fame and reputation, according to Brian Alleyne, an expert on cyber criminals, in his interview with Financial Times.
The bigger the next attacked company is, the “better” for the hackers “reputation” in his or her circle. When well known organizations experience a data breach it often gets covered in the news. The attackers’ nickname becomes widely known, which in the hacker’s mind means “fame”.
Not all black hat hackers are motivated only by fame, there are also cyber criminals having a financial and political motivation in their actions. But for majority of them it is kind of a competition or a game, where the cyberspace is a “playground” in which one has to show off their skills and attitude to the world, just because they can.
Black hatters usually love to prove that they are ones who control the network, and do not hide their nicknames. Sometimes they leave a message unless they penetrated the system with a motive to spy.
There’s a huge risk to become the next victim with the growing number of attacks. Hence it is a must for companies to secure themselves. Nobody is safe! Even though there’s a shortage in IT security experts and it’s extremely hard to find professionals nowadays, organizations have to keep in mind that it is in their first interest to invest in their IT security employees. One way companies can do that is by training their existing IT team.
We all have to remember, the cyber world is a fast growing and quickly changing environment. A a good IT security professional will have to constantly adapt to the changing environment. One of the comments on our previous article “Top 5 skills to look for when hiring your next IT security employee” said: “An IT security professional would see the organization from a perspective no one sees it from and he or she must eat, drink and live IT security all the time.”
What do you think? What mindset is most important for any IT Security professional?