White-hat Hackers: Cybersecurity Specialists
Hackers who use their computer programming, technology, and cyber skills to help companies protect against cyber attacks are in great demand! To address the growing need for cybersecurity specialists, Symantec and Science Buddies are helping students learn more about careers in cybersecurity. There are thousands of openings around the world for individuals who can think like a hacker to help beat hackers at their own game.
An infographic on data breaches and stolen identities shows data for the years of 2013, 2014 and 2015. In 2015, there were 318 data breaches, with 9 breaches exposing more than 10 million identities, 429 million total identities exposed, average 1.3 million identities exposed per breach, and a median value of 4,885 exposed identities per breach. In 2014, there were 312 data breaches, with 4 breaches exposing more than 10 million identities, 348 million total identities exposed, average 1.1 million identities exposed per breach, and a median value of 7,000 exposed identities per breach. In 2013, there were 253 data breaches, with 8 breaches exposing more than 10 million identities, 552 million total identities exposed, average 2.2 million identities exposed per breach, and a median value of 6,777 exposed identities per breach.
A Growing Problem
The number of cyber attacks each year continues to be on the rise, and the types of cyber attacks continue to proliferate. Symantec reports they "discovered more than 430 million new unique pieces of malware in 2015, up 36 percent from the year before." Ransomware, watering hole attacks, Black Swan events, the Butterfly Effect, and spear phishing are just a few of the kinds of cyber attacks Symantec mentions in its 2016 Internet Security Threat Report. These attacks often target zero-day vulnerabilities—vulnerabilities in software that developers and administrations don't know exist until they are used as the basis for a cyber attack.
For both individuals and businesses, the numbers are frightening, and the risks are real. As a result of nine known "mega-breaches," Symantec says more than half a billion personal information records were accessed or stolen by hackers in 2015. Reportedly, 39% of the documented cybersecurity breaches in 2015 involved health services.
Over Half a Billion Personal Information Records Stolen or Lost in 2015 and more companies than ever not reporting the full extent of their data breaches. Thirty-six percent of breaches included medical records. The largest number of breaches took place within the Health Services sub-sector, which actually comprised 39 percent of all breaches in the year. This comes as no surprise, given the strict rules within the healthcare industry regarding reporting of data breaches. There were 120 incidents of personal records stolen with 4 million identities exposed. The total number of identities exposed for 2015 was 429 million (an increase of 23% from the previous year).
Individual computer users have to be careful and smart about their online practices. But as more and more personal information is stored online and more and more people rely on online services, safeguarding against hacking and preventing data theft or service disruption is mission critical for companies. To succeed, today's businesses must conscientiously and consistently be on the lookout for cyber attacks and, when possible, stay a step ahead. Companies can't simply wait for a cyber attack to happen. They must be actively working to safeguard systems, looking for weak spots and vulnerabilities, and protecting against the possibility of cyber attacks.
So, how do you fight a hacker?
The best answer may be... with another hacker.
Hacking for Good
Hackers are most often thought of as the "bad guys"—computer programmers intent on stealing information, breaking into systems, and spreading viruses. Numerous hacker-themed movies have contributed to this stereotype and the social image of a "hacker," a keyboard-clacking computer programmer holed up in a room with an array of equipment and the ability to tap into seemingly any network. Working either alone or in clusters, these hackers are often part of a dark underground network where information trafficking comes with a high price tag. Like most stereotypes, the idea most people have about hackers is at least partly true. Hackers are computer programmers that look for ways to break into systems. A hacker whose goal is to cause trouble or steal information, for example, will search for a loophole or a crack in a system and use it to wage an attack.
But the skills needed to hack a system for the wrong reasons can also be used for good. Today, hackers are often thought of in three categories: white hats, gray hats, and black hats. White-hat hackers, sometimes referred to as ethical hackers, can be instrumental in helping safeguard company systems and data stores.
A Career in Cybersecurity
To help protect users and companies from hackers, individuals with the same kinds of skills are needed. This reality has led to an explosion in Internet Technology careers and increasing demand for cybersecurity specialists. A Forbes article earlier this year, described the cybersecurity market as "expected to grow from $75 billion in 2015 to $170 billion by 2020." According to a report in Stanford's Peninsula Press, "more than 209,000 cybersecurity jobs in the U.S. are unfilled, and postings are up 74 percent over the past five years." The U.S. Bureau of Labor Statistics predicts demand for information security analysts, a specific type of cybersecurity job, will grow by an estimated 37% by 2022. The job ranks 3rd on Forbes' list of The Best Jobs in 2016 and ranked 8th last year on the U.S. News and World Report's list of The Best Jobs of 2015.
It's clearly a great time for computer-minded students to consider a career in information technology and cybersecurity. Unfortunately, not all students receive education in computer programming skills or exposure to cybersecurity career options. There are not enough "good" hackers to fill the demand, and reports indicate there are not enough students going into these fields to offset the need.
Through development and support of career profiles and hands-on student science projects and classroom activities related to cybersecurity and computer programming, Science Buddies and Symantec are hoping to encourage more students to consider these critical, in-demand 21st century STEM fields.
Web Penetration Tester
It may feel strange to apply for a job as a hacker, but that is exactly the role many companies are looking to fill. Companies need someone who can think like a hacker—but for good.
The job of Web Penetration Tester is an example of a cybersecurity career that builds upon the same skills exploited by hackers. A new Science Career profile at Science Buddies helps students learn more about this career path, opening up the field of computer programming, information security, and systems analysis. There are many specialties within these fields that students can pursue, and career profiles like the Web Penetration Tester help students better understand the wide range of options and specialties.
As students viewing the new career profile learn, a Web Penetration expert might do tasks like these:
- Look for a target company's potential cybersecurity vulnerabilities
- Brainstorm, develop, and implement simulated cyber attacks to help test a company's systems
- Practice social engineering attacks, like trying to get employees to reveal their passwords
- If simulated attacks are successful, "steal" company information to show that other hackers could also access the data
- Carefully document the results of any exploits or vulnerabilities detected
- Suggest strategies to improve cybersecurity
Explore Cybersecurity with Student ScienceStudents curious about cybersecurity issues or interested in computer programming can learn more with student science projects like these:
- Password Security: How Easily Can Your Password Be Hacked?
- Do People Use Different Passwords for Different Accounts?
- Password Games: Understanding and Testing Online Passwords
- Pair Pokemon GO with a Classroom Cybersecurity Activity
- Boost Password Savvy with a Classroom STEM Game
Symantec Program Promotes Careers in CybersecurityTo increase student awareness of cybersecurity careers, Symantec launched its Symantec Cyber Career Connection (SC3) initiative. Through SC3, Symantec is helping bring awareness and training to students, with the goal of helping fill the need for more cyber security specialists. Today, SC3 has opened programs both in the U.S. and India.
You Might Also Enjoy These Related Posts:
- STEM is for Everyone: Richard Mankin, Entomologist
- STEM is for Everyone: Wanda Díaz-Merced, Astrophysicist
- Explore STEM Careers with a Remote Learning Project
- STEM Career Bingo!
- STEM is for Everyone: Ralph Braun, Engineer
- Learn More About these 19 Scientists for Black History Month
- STEM is for Everyone: Farida Bedwei, a Computer Scientist with Cerebral Palsy
- STEM is for Everyone: Geerat Vermeij, a Paleoecologist who is Blind
Explore Our Science Videos
BlueBot 4-in-1 Robotics Kit
Slippery Slopes - STEM activity
Gel Electrophoresis and Forensic Science: Biotechnology Science Fair Project