Ethical hacker Remesh Ramachandran shares his thoughts
Cybercrime and its expensive consequences have been forecasted to surpass over $2 trillion by the end of this year. Firms have explored a combination of conventional and unconventional methods to combat such threats to their organisations. One of the approaches includes leveraging on the expertise of ethical or white-hat hackers.
White-hat hackers are not the typical villains, typing code in green font on black monitors as movies make us believe. Ethical hackers are individuals that have expertise in hacking, but do so with the permission of the organisation engaging their services. Simply put, ethical hackers help firms identify weaknesses and vulnerabilities in their digital systems, as opposed to taking advantage of weaknesses for personal gain.
“White-hat hackers are more like expert penetration testers who test for security vulnerabilities in an information system, by replicating attacks that black-hat hackers could try. Hence they are better equipped to combat cybercrime, and they can work hand-in-hand with organisations help them protect their assets from cybercriminals,” says Remesh Ramachandran, one of the masters of ethical hacking.
Ramachandran started his career as an ethical hacker, and has evolved to working behind the scenes with government and international agencies to thwart complex cybercrime. His contributions have earned him recognition from the United Nations, Microsoft, Intel, McAfee, Lenovo, Ebay, MasterCard, the University of Cambridge and Harvard University. His spotting of the cross-site scripting has earned him a place in the Google Hall of Fame. When he is not out fighting cybercrime, Ramachandran is the CISO of a prominent organisation.
As cybersecurity is gaining relevance with the rise of digital penetration, the attitude towards the industry and of professionals within the industry have started to shift. Ethical hackers like Ramachandran help organisations stay prepared against weaknesses in their systems. When organisations have fallible cybersecurity, incidents such as the Yahoo breach of 2013, Target breach of 2014 and Marriott breach of 2018 occur, even within more developed economies. However, one of the risks of engaging an ethical hacker is, they have significant exposure to the organisation's sensitive data, which could sway them away from their initial good intentions.
One method through which organisations explore engaging ethical hackers is through offering bug bounties, that are hefty and enticing enough for ethical hackers to bring their discoveries. This also legitimises the profession, and safeguards the ethical hackers against stigma from society, as this profession is still relatively nascent. As an expert in the industry, Ramachandran extensively writes about how data breaches and cybersecurity lapses can be prevented with the help of trained ethical hacking professionals. His research has been presented at several information security conferences like DEFCON, BlackHat and Hackers Halted.