Skip to main content
Become a member
  • Register
  • Login

Register Login


News Cyber Security - Blogs

Getting the hackers onside

08 Oct 2018

Graphic of a hand reaching out from a computer screen towards a keyHackers are behind many of the data breaches and IT system interruptions that threaten a company’s reputation and balance sheet. 

The 2018 Cyber Security Breaches Survey found 43% of UK businesses had reported cyber security breaches or attacks in the last 12 months. The most recent case involves British Airways who was the target of a 15-day data breach, which compromised the credit card details of over 380,000 passengers.

As the saying goes, “If you can’t beat them join them”. It may seem a strange analogy, but organisations may be able to improve their cyber security by employing hackers to put their business’s IT systems through the ultimate stress test.

A third of businesses look to employ a white hat hacker

In recent research for the Hiscox Cyber Readiness Report 2018 – a survey of more than 4,000 businesses across the UK, Europe and the US – over a third (36%) of businesses reported that a key priority in the fight against hackers over the coming year would involve the hire of independent hackers.

Sometimes referred to as  a ‘red team’ they are an independent group that challenges an organisation’s security. They tend to be made up of ethical or ‘white hat hackers’. Called so because of the ‘good guys’ in Westerns who used to wear white hats to identify themselves from the ‘bad guys’ in black hats.

The idea being that white hat hackers can use their skills to find the vulnerabilities in a system before they are exploited by hackers intent on criminal activities. Surprisingly, it seems the UK is one of the least likely countries to use white hat hacking given only 33% of UK businesses saw it as a key security initiative compared to 35% for the US, 36% for Germany and 40% for The Netherlands.

Why use a white hat hacker?

Employing a white hat hacker can be a highly effective way of carrying out penetration or intrusion tests on an organisation’s system. They are independent from the organisation and have no interest in covering up any potential issues.. As well as trying to get into a company’s system they may also try ‘social engineering tactics. This is where hackers use their abilities to trick people into offering them access to sensitive information. For instance, they may target employees to get access to secure passwords or to get them to carry out a payment diversion (where an employee is duped into sending a fraudulent payment).

Extra prevention is key in the war against hackers

“Having security software and policies or procedures in place is one thing,” says Stephen Ridley, a Cyber Underwriter at Hiscox, “but we frequently see how human error can prevent these from providing the full protection that they should. Having systems independently tested is a great way of ensuring that there are no gaping holes that could potentially be exploited. It’s equivalent to having someone do a sweep of your house when heading out to make sure that all of the windows and doors are closed and locked, and that no valuables are left in sight of opportunist thieves.”

Finding system vulnerabilities

Ultimately, employing an ethical or white hat hacker could save an organisation money. White hat hackers can find those system vulnerabilities that, if exploited, may result in computer systems being unavailable for long periods. Of those businesses identified as cyber experts (those best placed to deal with the cyber threat) in the Hiscox Cyber Readiness Report 2018, over half (54%) saw the employment of a white hat hacker as a key security initiative. On the other hand, less than a third (32%) of those businesses identified as cyber novices – (organisations least able to deal with a cyber threat) were considering the hire of a white hat hacker.

Reduce the likelihood of a claim

Of course, no system will ever be completely secure from hackers which is one reason why many organisations choose to have cyber and data insurance in place to help restore systems and meet a financial loss following an incident. By, using the services of a white hat hacker you can further reduce the likelihood of making a claim.

Help protect your business against data breaches, viruses and other attacks from hackers. Hiscox can help minimise any loss and possible damage to your business and its reputation, IoD members receive 5% discount for the lifetime of your policy.

0800 280 0354

Find out more

What all SMEs need to know about cyber security

Tuesday 20 November, 9-10am

The webinar will provide an interactive platform for SMEs to gain a greater understanding of cyber security, as well as practical advice around how to defend against attacks, and deal with the aftermath of an attack in the short, medium & long-term

Register for free

Coronavirus Hub - IoD

An error has occurred. Error: Related articles is currently unavailable.

Contact our press office

Press office

IoD Professional Development Brochure

Knowledge, skills and mindset for a challenging world

IoD courses are designed to tackle the core competencies needed to thrive at board-level.

Download course brochure