"One of the most important jobs an ethical hacker has is to educate companies on how hackers can leverage their way into the systems," says Conrad. "They have to prove their own ROI, in a sense, and justify why it's worth a business paying them the six-figure salaries they can now command," he says.
Is There Honor Among Hackers?
Of course, this begs the question: How do you know for certain that the ethical hackers you've hired are, in fact, ethical? Unfortunately, you can't ever know for sure, says Conrad, since the entire profession of white-hat and ethical hackers is based on a code of personal integrity and an 'honor system.'
"When you become a certified ethical hacker, you do have to sign a legal document agreeing that you will use your powers for good, not for evil," Conrad says. "But that's no guarantee, and, unfortunately, there's really no way to be absolutely sure. It's one of the built-in risks companies have to take in order to address these threats," he says.
CBT Nuggets currently offers version 7 of its Ethical Hacking course and is in the process of finishing version 8 of the class, which will be released in its final form in June 2014. CBT Nuggets' Lee says version 8 has already amassed more than 12,000 views, and expects that number to keep growing as security concerns and highly publicized attacks dominate headlines.
"Security as a whole is a huge area right now, especially with news of Target, eBay, Neiman Marcus and others," Lee says. "It is key to educate and open people's minds to the dangers and the cyber security threats out there, and that's what we're trying to do," he says.
To become a certified ethical hacker, candidates should have a minimum of helpdesk-level IT skills, some server experience and familiarity with Linux, says Conrad. Obviously, the more experience the better, but resources like those available at CBT Nuggets can help developers quickly get up to speed, he says.
"The market's wide open for certified ethical hackers, especially as attacks become more sophisticated and vulnerabilities less obvious," Conrad says. "There's not a lot of folks out there doing these kinds of hacks -- yet. But the damage they can do is monumental and the need for these skills will continue to grow," he says.
Sign up for CIO Asia eNewsletters.