(April 4th, 2016) In The Boston Global Forum’s latest online dialogue on cybersecurity, Andrew Douglas, director of Deloitte’s Cyber Risk Services, and Allan M. Cytryn, a BGF adviser and a principal of Risk Matters International, discuss how organizations can use “white hat hackers” to help identify weaknesses in their digital systems and defend against malicious intrusions by “black hat hackers”. This is a very useful session, particularly for businesses.
Some of the white hat work, Mr. Douglas noted, recalls the sort of reverse engineering that led to the development of the Enigma machine used to break the German codes in World War II.
Mr. Douglas noted that the digital community is cooperating more than ever to help fight “black hat hackers” who may be seeking to damage organizations’ systems and/or to steal information. This involves testing and surveillance, both he and Mr. Cytryn have noted, to look for gaps in the hardware, software and human sides of digital systems (the last especially regarding training and daily behavioral discipline).
Mr. Douglas talked about the challenge of deciding how much to disclose about white hat hackers’ tools without giving those weapons to “the bad guys.”
And he expressed satisfaction that recent big data breaches, such as that against Target, the huge retailer, and other events have led to more investment in digital security and heightened cooperation among private- and public-sector organizations to combat cybercrime. Further, he implied that “bounties” for finding security problems could be used to lure gray or black hats to become white hats.
Mr. Douglas praised the BGF for its Ethics Code of Conduct for Cyber Peace and Security and the BGF’s work to prepare proposals on cybersecurity for the G7 Summit in Japan, on May 26-27.