How to develop your Career in Ethical Hacking
by Mashum Mollah Job & Career 05 January 2018
The cyber threats pose to enterprises are eventually being taken with the seriousness they deserve as many mobile app-based and e-commerce based service providers are undertaking necessary actions to respond to the the vulnerabilities in their networks.
According to a recent survey conducted across various industries by KPMG states, 94% of companies consider cybercrime as a significant threat to their businesses; approximate 72% of the companies confronted data breaches in one or another way over just the past year.
What shocks even more is 78% of these companies do not have a well-planned cyber strategy in order to tackle cyber attacks like Ransomware. The statistics have cleared that startups and businesses operating across the world are prone to cyber-attacks and require actionable security safety measures.
The main reason for cyber-attacks is the severe talent crunch in the number of trained and skilled professionals in the world of hacking. Ideally, every business must have an experienced team of ‘white hat’ hackers experimenting new techniques to improve the organization’s network.
What is the status of IT market for ethical hackers?
It’s great! The IT market for white hackers is continuously growing despite the existing economic turmoil. As per research firm Gartner, “The worldwide business IT spending had increased by 5.9 percent between 2009 and 2010, to a sum of $2.7 trillion. Furthermore, there is an increase of nearly about 40 percent in spending on worldwide security services from 2011 to 2015, eventually crossing $49.1 billion.”
According to CompTIA Senior Vice President Tim Herbert, “The IT security market experts is set yet for another strong year. The security work field was among the fastest evolving IT occupations in 2016.”
Previous to this year, Facebook had granted its highest bug bounty ever — £32,000 — for detecting a critical vulnerability in the servers. Facebook awarded ethical hacker, Andrew Leonov, after he discovered a remote code execution mistake in ImageMagick, a well- known open-source software tool of Facebook.
How much can an ethical hacker expect to earn?
In your initial years of your ethical hacking profession, you can get paid anywhere between $50,000 to $100,000 each year, depending on the corporation’s status, and on your experience in IT and capabilities. With years of experience, you could attract $120,000 annually, mainly if you perform your own independent consulting.
Since the initiation of its Bug Bounty series, Facebook has paid out about four million pounds to skilled security professionals. Salary also indicates high demand for cyber related skills with the average security salary increasing by 4.99 percent in the first quarter of 2016. In the UK, the average remuneration for ethical hackers is now a comfortable £40,000, increasing to £60,000 for those with penetration testing skills.
Must have skills for every Ethical hacker
1. To start with, you need to have a complete knowledge of writing programs in different programming languages, such as C++, C#, Perl, Ruby and Python. The understanding of web applications, such as .NET and PHP is also necessary. Additionally, knowledge of assembly language along with different operating systems can help in the long term. Apart from this make sure you have a basic understanding of TCP/IP protocols like HTTP, SMTP and ICMP.
2. On the hardware side, you should have the understanding of network devices like switches, routers, firewalls as well. These are the technical skills, but a hacker needs to have excellent soft skills as well.
- Networking includes connecting computers in a Local Area Network (LAN) within a company’s premises and may be in different centers via Wide Area Networks (WAN). Switches and routers can be used to connect various networks and computers to the internet. Firewalls are used to limit movement of data packets into the LAN to restrict unauthorized intrusions or access.
- Routers can read IP addresses, and are also accountable for delivering data broken into packets to the destination. As the data moves out of the router, it shifts to the public domain– the internet. CISCO has the proven track record in router
- Switches can connect to network cables and have many supporting ports. They redirect data to the right place rather than sending it to all locations in the network.
- Firewalls prevent hacking, and those trying to access data from the unsolicited system in an illegal way. All devices are connected to the switch in the system and switches to firewalls which in turn get connected to routers. The routers act as an entry point for the Internet Service Provider (ISP) to any company. The system administrators have the responsibility for installation of operating systems (OS), servers, storage devices, printers, scanners, controlling them, creating username and passwords of the system.
3. In addition to the skills as mentioned above, there are other skills that are important to be picked up as part of honing certified ethical hacker training skills. This includes learning and understanding UNIX. This forms the basis of the internet, and without the knowledge of this operating system, rewriting and refinement are not possible. The hackers can learn it by practicing on the Linux or UNIX on your PC. The next one is to learn HTML which is essential in ethical hacking training and cyber security training.
4. It is recommended that you should undergo a certification course to uncover all the leveraging aspects of ethical hacking, from code evaluation to cyber laws. Certified Ethical Hacker (CEH), Certified Information System Security Professional (CISSP), and EC-Council Certified Secure Programmer (ECSP) are some of the important courses that students can choose. There are various options available to select from. Therefore you must research the quality and return expected prior to investing money and time.