Monday, 22 april 2019 | Redacción CEU
Defining ethical boundaries is not always an easy task. In some cases the limits are very clear, while in others they are somewhat blurry. Reality cannot be described in black and white, there is also a wide range of grays. In this chromatic range, hackers are like fish in water. They are people with high computer skills who are willing to challenge conventional rules, and sometimes, the law as well. Their goal is to reach what no one else can do through their expertise and digital skills. They are also specialists in detecting vulnerabilities and get the most out of them, but this last definition does not describe all hackers.
Cyber-attacks are not only a problem of technological corporations. Security is a dimension on which any company must work, even more so in the so-called digital era. This need is supported by studies such as the one carried out by Kapersky Lab. According to this survey, which tries to deepen into the situation of cybersecurity in European organizations, 64% of Spanish companies have faced at least one cyber-attack in the last two years. Another shocking fact that this analysis reveals is that 22% of the professionals who are responsible for security claim that these attackers left no trace of their identity.
The National Intelligence Center detected 38,000 incidents of cybersecurity in 2018. This figure represents a growth of 43% in relation to the previous year. Most of these attacks were neutralized, and 102 of them were considered as critical ones. Another study, the Norton Cyber Security Insights Report 2018, maintains that 33% of Spaniards have been victims of cyber-attacks. In fact, it defends that behind USA and the United Kingdom, Spain is the country that receives the most attacks. All these data suggest that security is becoming an issue that requires more and more attention, and companies need to find solutions that live up to the magnitude of this challenge.
The digitalization of the economy, connectivity and the phenomenon of Big Data are trends that make profiles specialized in cybersecurity play an increasingly important role within the companies. Ensuring the safety of organizations means counting on experts such as CISOs, CSOs, DPOs, security analysts or intelligence officers. In fact, all these professions appear in the ranking of the most demanded profiles of the year 2018.
Most companies have online presence, systems which are hosted in the clouds or store digital information of their customers. An incident in security may expose companies to very high risks: economic losses, reputational damage, identity theft, disclosure of sensitive information, leak or abuse of data, etc. In such a context, organizations, especially the largest ones, but not for that reason the only ones to be vulnerable, are starting to hire a new professional profile: ethical hackers.
Their work consists of detecting the vulnerabilities and security breaches of organizations, always with the consent of the companies and by keeping the goal of preventing attacks and improving the protection of networks and systems infrastructures. Their mission is based on the premise that the best way to prevent an attack is by testing the security of the organization. They try to simulate the external attacks that the malicious pirates (also called "black hat" hackers) may perform, but in a controlled manner and with the sound intention of being able to identify, notify and solve the potential problems.
The term "hacker" has long been associated with cybercrime. Nonetheless, behind this concept, which is marked by such a negative connotation, there is a subculture based on curiosity, learning and knowledge, and one which takes, as a testing ground, the digital world. In its origin, the "title" of hacker was won by the person who was capable of performing a unique feat by following principles like free access to information and the improvement of the general quality of life. In fact, the journalist Steven Levy wrote in 1984 the moral principles of these characters in his essay Hackers: Heroes of the Computer Revolution.
This term came to be generally used in its most pejorative sense as some hackers forgot those principles or stopped sharing them. They used their digital knowledge to harm people, companies or institutions and, therefore, started to be punished and prosecuted by law. In order to differentiate these hackers from the rest, different classifications have emerged since then. Hackers can wear white, gray or black hats according to their good or bad intentions or adopt a new name like "crackers" to make their illicit goals clear.
Now, ethical hacking is helping to recover that first image that pioneering hackers used to have in the past, which was characterized by a challenging spirit which was focused on the common good (at least of the one of the members and customers of the companies that hire them). If there is something that distinguishes hackers is the objective they pursue and their commitment to ethical principles.
CEU IAM, the Business School of the largest Spanish educational group, has designed an Executive MBA aimed at training ethical leaders that goes beyond the borders: Boston, Accra and Madrid. It is a training course based on abilities, management skills and tools that are necessary to address the new business challenges that are posed by this global and digital context. It is an MBA which has an approach marked by a deep sense of ethics and which is focused on key issues such as innovation, internationalization, social responsibility and the management of complexity.