You’ve probably heard the phrase “you don’t know what you don’t know”. It’s a stage of learning most people find themselves in at one time or another. When it comes to cybersecurity, hackers succeed by finding the security gaps and vulnerabilities you missed. That’s true of malicious attackers. But it’s also true of their equivalent on your side: a certified ethical hacker.

A certified ethical hacker (CEH) can be one of your best specialists for protecting against threat actors.

What Is Ethical Hacking?

An ethical hacker is a professional penetration tester, an offensive security researcher and a consultant or employee who practices the dark arts of cyber hacking. The term ‘ethical hacking’ was coined in the 1990s by former IBM executive John Patrick to distinguish constructive hackers from the emerging world of cyber criminals.

Both ethical and malicious cybersecurity gurus can use similar techniques to breach systems and access data on corporate networks. The difference is that one seeks to exploit flaws and vulnerabilities for personal gain. The other seeks to fix them for the benefit of their client. They are also sometimes called white hat hackers (as opposed to attackers, or black hats). Ethical hackers use their attacking skills for the benefit of the ‘victim’.

What all ethical hackers have in common is that they try to see the client’s system from the threat actor’s point of view.

Freelance ethical hackers, doing the work because of the rewards offered by bug bounties or just the challenge of it, can help find vulnerabilities. Anyone can practice ethical hacking. But only certified ethical hackers have proven they have the range of knowledge most organizations should be looking for.

What Are Certified Ethical Hackers?

Certified ethical hacker certification for non-governmental organizations exists on two levels. The basic CEH certification is granted after passing a knowledge test. At the next level, CEH Master level requires succeeding in pen testing on simulated systems.

Three major groups issue CEH licenses: the International Council of E-Commerce Consultants, the Certified Penetration Tester course offered by the Information Assurance Certification Review Board  and the Global Information Assurance Certification. You can find education and test prep for CEH through a number of online sources. Both the training and the testing can be done online.

Ambitious young cybersecurity workers can (and probably should) gain CEH certification as part of their training. It’s helpful even if they have no intention of working as a full time CEH.

What Skills Do Ethical Hackers Possess?

A certified ethical hacker calls on three broad skill areas. The first is the skill and knowledge needed for finding gaps and vulnerabilities. One key element of this training is breadth. Because of the certification process, expect CEH specialists to lack blind spots in the general areas of hacking.

The second is creativity — thinking outside the box and trying surprising ways to breach networks. This is actually a bigger part of the work than it sounds. Clients that employ CEHs should try to have protection from all kinds of hacks. The role of the CEH is to find the blind spots, the gaps and vulnerabilities that have fallen through the cracks.

And the third is trustworthiness — the professional practice of gaining access to sensitive company data while always safeguarding it and never abusing the access granted by the client. CEH pros must take the ethical part of their title seriously. In addition to gaining access to sensitive or private data and keeping it private and secure, CEHs limit their social engineering to ethical versions of it. For example, it’s ethical to drop a thumb drive in the parking lot to see if an employee picks it up and plugs it in. But it’s unethical, and against the code of of the CEH profession, to use threats of violence or violations of personal employee data.

How You Can Use Ethical Hackers

A certified ethical hacker can be very helpful to your organization’s cybersecurity efforts. Here is a short list of what they can bring to the table:

1. Finding vulnerabilities, whether they’re gaps in software, physical security or policy
2. Dumpster diving and also scanning public websites looking for information that can help an attack
3. Port scanning with port scanning tools to find open ports
4. Figuring out how threat actors can evade firewalls, honeypots and intrusion detection systems
5. Penetration testing (The difference between pen testing and ethical hacking in general, is that pen testing is scheduled, and more narrowly focused on specific aspects of cybersecurity)
6. Help with the running of a cybersecurity crisis simulation
7. Expose insider threats
8. Participate in and help organize red team/blue team exercises
9. Perform network traffic analysis
10. Conduct a wide variety of covert social engineering hacks. They can test not only cybersecurity systems and policies, but also employee knowledge, awareness and readiness.
11. Scrutinize and test patch installation processes to make sure your employees conduct them in a way that works best
12. Educate the security team on the latest methods used by cyber criminals.

In short, CEHs can function as the beta tester or quality assurance engineer for your cybersecurity defense ‘product’.

What If You Don’t Have a Certified Ethical Hacker?

CEHs are great to have on staff. But if you don’t have one, you can hire a freelancer to do the job. Freelance ethical hackers perform hacking as a service just as the bad guys can.

Another lower-cost option is to organize an internal team to try their hand at ethical hacking. It’s probably not as good as hiring a certified ethical hacker, but better than nothing. Or, you could offer bounties for people outside the business to try their hand at breaching your cyber defenses.

The bottom line is that the work of CEHs can be extremely valuable. You need to put your investment in cybersecurity infrastructure, expertise, employee training and all the rest to the test.