A study last year estimated that global losses from cybercrime ranged from $375 billion to $575 billion in 2014 alone. This figure is only expected to get higher with each passing year as cybercriminals become more sophisticated, and their ranks grow with more opportunistic hackers looking to cash in on an increasingly lucrative trend. Given that, it’s easy to see how and why panic among both enterprises and SMBs might start to set in.
What’s most troubling about the cybercrime phenomenon is not only the amount of money or information that could be stolen, but how much businesses need to spend just to protect themselves. Adequate cybersecurity protocols aren’t free, and even when a company has put expensive measures into place, there is no guarantee that they will catch every single potential threat – all it takes is just one malicious email, or one spear-phishing attempt, to make it through, after all.
One innovative method that businesses have explored is employing an in-house “ethical hacker” to identify potential security risks and patch them ahead of time. Essentially, these personnel are former hackers who may have used their skill sets for illicit means – stealing bank account information, breaking into corporate databases, committing identity fraud – but are now being turned legitimate by companies looking to take advantage of their skills for more beneficial purposes.
Rather than hacking into the enterprise’s systems to steal something, these ethical hackers hack into the company’s systems to exploit certain cybersecurity vulnerabilities, essentially attempting to beat the bad guys to the punch. Once they have identified a company’s major security flaws, they can then recommend solutions that might not be obvious to non-hackers.
Ethical hackers can make for invaluable additions to an organization’s IT workforce, but businesses first need to decide how large an investment to make toward employing one. For many, it may be worth looking at someone already on the payroll to fulfill this role rather than bringing in an outside hacker. For starters, it’s much cheaper to pay for Certified Ethical Hacker (CEH) training for an existing staff member than to tack another salary onto the budget. Most of these CEH courses cost between $1,500 and $3,500 per program, depending on how intensive a company’s cybersecurity needs are.
But not all organizations can budget for what is usually a $73,000 annual salary for a CEH. And while the average cyberattack costs up to $6.5 million in reparations, making the ethical hacker investment worth it to those companies with enough capital to spend, how many organizations can really afford those services?
While ethical hackers can prove invaluable to enterprises with deep enough pockets, other organizations – particularly SMBs – may stand to benefit from adopting more basic and cost-effective security solutions like VPNs and firewalls to secure themselves against the threat and impact of a cyberattack.