blackboard - stock.adobe.com
At first glance, ethical hacking, like jumbo shrimp, appears to be a contradiction of terms.
But ethical hacking is no oxymoron. In fact, it is an incredibly interesting and rewarding career, requiring someone with a unique blend of skills. Ideally, that person is tenacious, is constantly evolving and has a passion for problem-solving.
The following are five of the most important ethical hacker skills and traits, based on my 15 years of practice.
1. Technical competence
At its basic level, an ethical hacker must be technically proficient. An ethical hacker has to understand how computers communicate and possess at least a rudimentary knowledge of coding skills in various common languages. Ethical hacking encompasses many different disciplines, each with its own specific skill set, but underpinning it all is an understanding of basic computing.
Ethical hacking is a different career from most vocations. It requires a near-constant acquisition of new skills. If you are not up to date with the latest hacking techniques used by cybercriminals, your skills quickly become outdated. Ethical hackers should constantly research new techniques and practice them on the many free hacking labs that are available. The best ethical hacker teams I've worked with continually push me to expand and update our methodologies.
3. Procedural yet inquisitive
Ethical hackers need to follow a methodology and be diligent about recording what they are doing when they hack systems. But they also need to be creative, be inquisitive and have the ability to think outside the box. I've had to "follow my nose" in many tests I conducted to investigate a potential vulnerability --probing beyond what the normal methodology would have indicated. Ethical hackers must remain within the scope of the engagement, but there is always room for creativity, which is what makes it such an interesting career.
4. Communication skills
Nowadays, ethical hackers communicate with clients on a daily basis. A typical ethical hacking client engagement calls for producing a report once the test is completed. Therefore, excellent technical writing skills are a must. It's not easy to distill complex technical attacks into digestible and actionable advice. To clients, the most important part of the engagement is the report and the communication they receive from the ethical hacking team, yet I've worked with many excellent ethical hackers whose explanatory skills were woefully lacking.
5. Drive and ambition
In my experience, the greatest indicator of whether someone will become an excellent hacker, as opposed to an average one, is an overriding drive to improve. Those constantly pushing to expand their ethical hacker skills, even as they pay attention to the basics, are the ones usually offered the most challenging and rewarding opportunities.
Red teaming, which is a full-scale simulation of a criminal's attack, is the most exciting form of ethical hacking as it removes nearly all the constraints placed on a usual engagement. By harnessing drive and ambition, ethical hackers can acquire the skills necessary to participate in red teaming much earlier in their careers.