CSO: 10 essential skills and traits of ethical hackers

On October 26, 2021, NetSPI Director of People Operations Heather Neumeister was featured in an online article by CSO:

What if you could spend your days trying to gain access to other people’s networks and computer systems—and not get in trouble for it? Of course, that’s every spy and cybercriminal’s dream, but only ethical hackers, also known as white hat hackers or penetration testers, can feel sure that they’ll get away with their break-ins. These security pros are hired to probe systems for vulnerabilities, so that their targets can figure out where their security needs beefing up.

…

Ethics. OK, maybe this seems obvious, since the word “ethical” is right there in the job description. But the truth is that a pentester is given a lot of responsibility and power, and it’s important to feel sure that they won’t abuse it.

Heather Neumeister is director of people operations at NetSPI, which specializes in penetration testing and attack surface management. “Assessing a candidate’s ethics is based on both background and personal assessment,” she explains. “When part of the criteria being considered for a new hire is ethics and morals, there is always going to be an element of gut instinct. But it’s also important to ask questions around why someone chose to get into pentesting, as you can usually quickly identify a person’s intent during initial conversations. To find people with strong ethics and morals, it can be helpful to look at the activities a candidate does in the greater community. Extracurriculars like non-profit work, public research, and open-source contributions can be useful indicators of a higher ethical standard, as it’s often the case that those who choose to positively benefit the security industry without personal gain are those who are truly committed to ethical behavior.”

Read the rest of the CSO article here: https://www.csoonline.com/article/3637732/10-essential-skills-and-traits-of-ethical-hackers.html