Cyber threats have escalated in the wake of the pandemic and fraudsters have become more sophisticated day by day, creating countless threats and vulnerabilities that require businesses to stay on top of their game to protect their data and systems from attackers. .
Of all the solutions companies could explore, it might seem counter-intuitive to include willful hacking on the list. However, Inti De Ceukelaire, head of hackers at cybersecurity firm Intigriti, said companies that have passed advisory checks and numerous certifications have had to come to terms with the painful reality that their systems are vulnerable to attack.
“They come to us and say, ‘You can test us, we’re not scared,'” De Ceukelaire told PYMNTS in an interview, adding that it doesn’t take long for that confidence to drop. “In more than 70% of cases, a high to critical vulnerability is detected within 48 hours.”
This sudden awareness of their threat exposure has given the Brussels-based company the opportunity to help its clients beat cybercriminals at their own game, working with its community of around 50,000 ethical hackers. These hackers work to discover unknown but potentially dangerous vulnerabilities in their systems – a testing approach known as the crowdsourced bug bounty program.
Launched in 2016, the crowdfunding security platform recently announced a $22.4 million Series B raise – a significant amount that company CEO Stijn Jans says validates their business and shows that there is a growing demand for their service in the market.
Read more: Cybersecurity firm Intigriti secures $22.4M Series B funding
For De Ceukelaire, it’s on an even more personal level.
“I’ve been an ethical hacker for over 10 years now and initially my desire to help businesses wasn’t always appreciated — [that is why] I think [this shift in mindset] is a beautiful thing,” he said, adding that “10 years ago this work was illegal in some countries, but today it’s a full-time job. [for many individuals].”
Hacking is here to stay
As much as companies warm to the idea of allowing their systems to be hacked, De Ceukelaire said it’s still important to reassure new customers that there will be no exposure to malicious hackers.
“The first exercise we do is look at the extent of the attack surface and all the different ways hackers can get in. Then we try to see how we can test all of those things with a group of people from the crowd without disrupting any of their business,” he explained, adding that by starting small and private, customers’ business operations are not disrupted and trust is built.
For ethical hackers, the first person to find and report a vulnerability is the one who gets paid, a strategy – “the power of the crowd” – that motivates hackers to keep finding problems that a single consultant or small team would have easily missed, noted De Ceukelaire.
It’s also proof that with human creativity it’s possible to beat any machine or technology, and that’s why he doesn’t agree with solutions that seek to circumvent ethical hackers and fully automate the cyber defense process.
“Hacking is one of the oldest professions [to exist]. People don’t need a computer to hack, they’ve been cheating and bending the rules for [as long as we can remember] and it will continue to exist for many, many years [to come]“, argued De Ceukelaire.
Register here for daily updates on all of PYMNTS’ Europe, Middle East and Africa (EMEA) coverage.