The recent WannaCry ransomware cyber attack earlier this year targeted U.K. hospitals and quickly spread to over 150 countries worldwide, demonstrating just how vulnerable our most important computer networks are — and the invaluable benefits of cybersecurity today.
Just a few years ago, the world of so-called “white hat” ethical hacking was a veritable Wild West. Independent hackers emerged from the “black hat” shadows, arrested and forced to work with police and government. Today, the route to becoming an ethical hacker — or, as many prefer to call themselves, a cybersecurity consultant — is much more above-board.
Certified Ethical Hacking
Most cybersecurity consultants have a post-secondary degree in computer science or a related field, or substantial self-taught knowledge and several years of experience in information security. Those who are serious about pursuing a career in cybersecurity can now obtain a Certified Ethical Hacker (CEH) credential from the International Council of E-Commerce Consultants.
The EC-Council describes a certified ethical hacker as “a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system.” The CEH certification comes with a code of ethics: Never participate in an illegal hacking activity, and protect the intellectual property of clients.
Today, cybersecurity consulting can be an incredibly lucrative career, and CEH professionals are in high demand. According to the EC-Council, ethical hackers can expect to make between $15,000 and $45,000 per project.
The hallmark nature of information security is that it’s always evolving. If you’re an aspiring consultant, you need to be prepared to constantly develop your knowledge and skills over time. Don’t expect to be immediately successful as a consultant without a few years of IT experience, and ideally a degree and certification to go along with that. Pursuing military service in an IT capacity is also a boon for getting hired, particularly by employers that require security clearances.
The Challenging Life of a White Hat Hacker
Whether you’re working independently or for an employer, the world of information security consulting can be stressful — particularly when you’re working to protect critical network systems in government, finance and healthcare. You’ll always need to stay one step ahead of the black hat hackers working to dismantle these systems, so get ready for long hours of problem-solving and some frustrating dead-ends.
In addition to your advanced information security knowledge and problem-solving abilities, you need to have very strong organizational and communication skills and the ability to work well under extreme pressure. Unfortunately, security breaches don’t wait for business hours to begin. Depending on the severity of the breach, you may get a call to respond to security crises at any hour.
This is a field where you need to be very aware of your personal liability if anything goes wrong. Get advice regarding liability insurance, and read over your contracts carefully to assess the level of risk you’re agreeing to. You can minimize your personal liability by registering as a corporation, for instance. It’s worth getting proper legal advice from a lawyer that has experience with cybersecurity cases before you sign your first clients.
The benefits of cybersecurity are becoming increasingly valued by companies of all sizes as critical digital systems continue to grow in complexity. For those looking to enter the field, this is contributing to huge growth in the industry and plenty of lucrative opportunities. Today’s cybersecurity consultants perform some of the most important, stressful and rewarding work in the world.