Critical analysis paper: Study of Ethical Hacking
The main purpose of this article is to explore ethical hacking by examining the types, benefits, and limitations of ethical hacking. The author is trying to examine the reasons why ethical hacking is vital in an organization, and concerns that an entity should put into consideration when carrying out ethical hacking. According to the author, ethical hackers are different from malicious hackers by the nature of their intent. This is because the main intent of the ethical hackers is to “ evaluate the target systems’ security and report back to the owners with vulnerabilities they found and instructions for how to remedy them´(Bhawana et al., 7). Therefore, ethical hacking plays a very significant role in any organization as they do not have malicious intent.
The key question that is being addressed by the author is, “ what is the benefit of ethical hacking in an organization?”. The author dresses this question by first analyzing what is hacking, the different classification of hackers, and then the benefits of hacking. According to the author, here are different types of tests an organization can perform on its security systems, including local network tests, stolen laptop tests, social engineering tests, and physical tests. These tests can be helpful to an organization as they aid in the provision of the evidence about the real system, or network level of threat exposure through proof of access” (Bhawana et al., 9). This helps an organization to take precautionary measures. The author also notes that ethical hacking creates an element of security cautiousness and awareness among senior management, which is, in most cases, lacking. It helps an organization restructure security systems to be more secure, hence increasing revenues.
The most important information from the article is that businesses are taking much efforts and costs to ensure that their data is safe. According to the author, businesses, and especially the ones that store consumer data, are going extra miles in securing their data, including outsourcing the security services from the experts. The author uses an example of ScanAlert.com, which according to the articles, “boasts of working with over 75,000 secure commerce sites like Sony, Foot Locker a Restoration Hardware” (Bhawana et al., 9). This e-commerce website is also tested daily, and this has enabled it to effectively prevent 99.9% of the hacker crimes (Bhawana et al., 9). This shows the security efforts of the site and operators in an attempt to secure its data.
One of the main conclusions that the author of this article comes up with is that hacking is an essential aspect of the computer world. According to the author, hacking is not always bad, as it has a positive side. The author illustrates this by examing the benefits associated with ethical hacking, such as helping in the detection of threat points and loopholes in the security systems and creating security awareness and cautiousness among the top management. The article also concludes that it is impossible to fill the gap between malicious hacking and ethical hacking (Bhawana et al., 7, 10). This is because human beings are different, their intentions are different, and it’s not possible to conquer the human mind. For this reason, the author suggests that the only option that organizations have is to tighten their security measures. Some security measures that an organization can use include intranet firewalls, email systems, internal webservers, and server security measures (Bhawana et al., 6).
The reader of this article needs to understand that hacking is not explicitly bad. This is because hacking has a positive and negative side. The other explores a vital concept here because most people think that hacking is evil by failing to think about the positive side of ethical hacking. The author also examines the limitations of ethical hacking. Even though ethical hacking is beneficial to an organization, it has limitations such as “looking at one side of the equation” (Bhawana et al., 10). This is because ethical hacking primarily focuses on the external areas and ignores the internal areas (Bhawana et al., 10). Also, some of the vulnerabilities may not be uncovered. The reader may also want to understand different classifications of hackers such as black hat hackers, grey hat hackers and white hat hackers.
One thing that I have learned is the classification of hackers, white hackers, black hackers, and grey hackers. Before reading the article, I knew that there are people who can intrude into the security system of an organization with malicious intents because they have been paid, while others can do so with the motive of detecting the loopholes but did not know the actual classification and names given to this hackers. The most important idea about this article is that it is difficult to fill the gap between malicious hacking and ethical hacking, and therefore organizations should always ensure that they have strong security systems to secure their data, as well as ensuring this system are consistent with the changes in technolpogy.
Work Cited
Bhawana, S., Ankit N., & Shashikala, K. “Study of Ethical Hacking.” international Journal of Computer Science Trends and Technology (IJCST), vol. 2, no. 4, 4 Nov. 2014, pp. 1-10. Accessed 18 Nov. 2019. doi:10.33144/23478578.
.