Good cop; bad cop: let ethical hackers attempt to break into your online security system

Have you heard of an ethical hacker?

If the criminals who try to break through your firewalls and steal your details are the bad guys, ethical hackers or “finders” are the good guys who get there first. In fact, it’s a great idea to invite ethical hackers to have a go at breaking in so you know where you need extra protection. It’s like checking your shop door once it’s locked to make sure no-one can get in.

Many computer whizzes and students take up ethical hacking as a hobby because they not only love problem solving but are passionate about keeping businesses like yours safe.

The National Cyber Security Centre (NEBRC) recently reported a 63% increase in the number of vulnerabilities submitted by ethical hackers in the last 12 months. That means more and more bright minds are on your business’ side and prepared to spot gaps in your security before the bad guys do.

To make sure you’re aware of vulnerabilities that ethical hackers find, it’s a good idea to put a vulnerability disclosure programme in place. According to the NCSC, “50% of finders don’t report bugs because there is no clear reporting process”.

The NCSC has a useful Vulnerability Disclosure Toolkit on their website which you can use to help the good guys help you:

In the meantime, we have a team of talented students here at the NEBRC who can scrutinise your security system. Under the watchful eye of our police and professional security supervisors, they’ll discover where you need to strengthen your protection.

At the same time, giving students the chance to do this provides excellent experience as they get started in their cyber security careers. Who knows, one day once trained, they could be the brains behind saving your company from an attack. To find out how our ethical hackers can check your business is safe, please

The National Cyber Security Centre (NCSC) and National Police Chiefs Council (NPCC) are working together to support the establishment of Regional Cyber Resilience Centres (CRCs). The CRCs represent a significant opportunity for the NCSC to expand the reach of its guidance and services to smaller organisations across the country and provide an extra level of practical support to enhance their impact. The NCSC is currently assisting the NPCC in determining the suite of cyber security services that the CRCs will be able to offer.