CEH Certifications a Boon for Businesses That Don’t WannaCry

Read the tech news any day of the week and you’ll get a good idea of how prevalent hacks and cyberattacks have become. Whether it’s a spoofed email that brings a user to a phishing site to harvest user credentials; an executable that’s clicked to launch a malware attack on a laptop or server; or a more sophisticated cyberattack designed to penetrate a company’s IT infrastructure, the bad guys are using ever-more sophisticated tactics – and it’s their inherent nature to keep seeking out new vulnerabilities.

Cyberattacks Are a Booming Business

A recent study by KPMG reports that across various industries, 94% of companies perceive cybercrime as the major threat to business; 72% of the companies faced some sort of cyberattack over just the past year; and (alarmingly!) 78% of these companies don’t have a cyber-incident response plan in place. Cybercrime in 2016 “cost the global economy over $450 billion, over two billion personal records were stolen and in the U.S. alone over 100 million Americans had their medical records stolen,” according to Steve Langan, Chief Executive at Hiscox Insurance.

Even Consumers WannaCry

When hackers target corporate networks, they can also impact end users, consumers, and patients, people just like you and me. Just look at the WannaCry ransomware outbreak in May. The virus infected 200,000+ Windows systems, gaining access to not only corporate network resources but also medical device systems at hospitals and health care providers. While ransomware infecting a device doesn’t necessarily threaten patient safety directly, medical device outages force re-allocation of resources, delay patient care and can trigger more clinical mistakes. WannaCry provides ample evidence of vulnerabilities in critical infrastructure that impacts end consumers.

Hire Hackers to Fight Hackers

The IT departments at companies that serve patients, protect personal data, or provide any product or service to consumers are all potential targets for cyberattack. So how can a head of IT respond to these cybersecurity challenges? Hire trained hackers (in this case “ethical hackers”) who can apply their knowledge of hacking to help a corporate IT environment prepare for imminent threats.

There is huge demand for IT security workers who clearly understand what the bad guys are doing, and that’s precisely what the Certified Ethical Hacker (CEH) certification is all about. It offers an opportunity for IT/IS managers, system admins, tech support engineers, security specialists, network admins and related roles to up-skill their competencies and work at an elevated level in their IT organization.

A Certified Ethical Hacker defends his or her network by employing the same tactics the unethical hackers and cybercriminals are using, without the danger of getting into trouble for it. It’s like a narcotics officer going undercover for a few weeks and coming out with knowledge of how the criminals operate and how to shut them down.

Generally speaking, a CEH certification can help an ambitious IT professional:

  • Master advanced concepts in ethical hacking such as writing virus code, exploit writing and reverse engineering.
  • Grasp the step-by-step methodology and tactics that hackers actually use to penetrate IDS, firewalls, honeypots and wireless systems.
  • Identify vulnerabilities of different systems and the finer nuances of trojans, backdoors and countermeasures.
  • Apply these and many more strategies – and earn 44% higher salaries.

Mitigating Attacks Like WannaCry

How could a CEH-certified ethical hacker help the IT department in the case of attacks like WannaCry? There is certainly no silver bullet approach, but knowing the tactics hackers will use arms you with the knowledge and tools to take action before and during an attack. In this case, CEH tactics could help to:

  1. Understand how phish kits work to help filter out phishing emails that target a company’s employees.
  2. Protect Windows PCs with advanced tools such as PowerShell and Hacking SQL.
  3. Harden server defenses for IIS and Apache web servers as the next line of defense.
  4. Spot malware code at the desktop before it can migrate to server environments.
  5. Identify the footprints that hackers leave and how they try to cover their tracks.
  6. Prevent attacks that use SQL injection to penetrate your environment.

The CEH certification can help put you on the path to success in the IT field. It establishes you as a highly in-demand professional, gives you the skills to fill a vital defensive role in an IT organization, and helps you move up the value chain in your career by filling better roles with higher salaries.

About the Author

Dan Biewener

With 15 years of experience teaching and developing instructor-led training and video-based e-learning curricula, Dan is currently Director of Training Research at Simplilearn where he conducts and compiles research on the latest content and training best practices. Backed by his degree in Speech Communication and numerous certifications in Digital Marketing and aviation technologies, Dan brings insights from both sides of the training process.
