"Ethical
Hacking" could be the solution to Middle East’s IT security
nightmares
Posted: 26 February 2003
Recent worm attacks highlight importance of recognising threats
from beyond the region’s borders, say experts
Dubai — As the recent “worm”
attack that affected around a quarter of a million computers worldwide
demonstrated, the Internet is becoming increasingly dangerous for
organizations that want to protect their digital assets, say regional
IT security authorities.
With IDC Research suggesting some 90 per cent of companies have
experienced a virus problem and 61 per cent have experienced an
attempted external attack over the last year, many companies are
looking for ways to out-maneuver potential hackers. A growing army
of hackers and virus writers are looking for any gaps in a company’s
IT protection, and modern security experts have to be progressively
more imaginative to prevent outside agents gaining access and disrupting
internal systems.
“Ethical hacking” – where a team of external
experts simulate an attack on a company’s network –
has become an increasingly popular option for companies in the Middle
East to ensure the integrity of their organizations’ systems.
“As the number of hackers and virus writers around the world
has risen, so too has the need for ‘ethical hackers.’
These professionals work as hard as the hackers to discover gaps
in code and highlight any vulnerable network devices that could
create security problems for a company,” says Daniel Nufer,
regional sales director for ComGuard, a leading Middle East-based
security consultancy.
Demand for ethical hacking services has risen in the Middle East
in recent months, as business leaders realize that the global threat
of hacking could pose a major threat to their company.
“Incidents like the Worm virus and high-profile hacking cases
in Europe and Asia demonstrate that these problems don’t respect
national boundaries,” says Nufer. “Companies can consider
themselves under threat around the clock, which is why they need
ongoing tests of their security preparedness.”
ComGuard is one of the pioneers of an ethical hacking approach
in the Middle East. Its three-step penetration test methodology
has been widely-praised as one of the most robust approaches available
anywhere in the world, providing a unique real-world assessment
of a company’s visibility, vulnerability and ability to respond
to a crisis. Its experts approach an organization’s IT security
system from multiple angles, including full range port scans, IP
stack fingerprinting and vulnerable services analysis.
There are numerous advantages to undertaking a penetration test.
Companies get a clear idea of the holes in their current security
system. In addition, they can understand how their security processes
work from the hacker’s perspective, and therefore tighten
control mechanisms. Finally, penetration tests are valuable for
ensuring that security employees on the ground are prepared for
an attack, by taking them knowingly or unknowingly through a full
simulation.
“Companies should think of ethical hacking as an essential,
ongoing approach to IT security,” says Nufer. “In years
to come, running an IT system through a program of ethical hacking
steps will be thought in the same way as going to the dentist for
a regular check-up.”
About COMGUARD
ComGuard FZ – LLC is a professional IT security solutions
provider offering technology-driven security solution to the Middle
East businesses and government organizations with cost-effective,
cutting-edge solutions for securing the customers business. ComGuard
security services and solutions are independent of any and all ties
to industry products, which allow us to use the very best combination
of tools and techniques to design and deliver our solutions to the
customers. |
