Mashable’s Jolie O’Dell recently posted a story on Black Hat Hackers landing legit jobs.  Hackers have long been the bane of organizations throughout the industry.  This is especially true as a result of the high-profile security incidents over the last few months.

In a recent Wikibon post centered on Security vs Compliance, Exempa SCL Health Systems CISO Eddie Mize drills down some security scenarios where sites that were thought to be secured via compliance were actually quite vulnerable when it came to security (see video below).

Some of the rapidly growing concerns in technology circles today are projects around security, as a product of the implications of these incidents, of organizational lack of security status, and the proper protection of emerging technology assets as they come to production status.

Organizations are starting to get the message that moving to a more secure stance is something that is acutely critical.  Moreover, they are acting on it.  As the videos describe, there are more elements and approaches to security than normalized processes typically account for.  Good hackers rely on this, and can use tools such as social engineering to gain a vector for attack.  This type of attack is how RSA reportedly first got compromised.  We all know where that led. 

Companies are now looking to address their security issues, starting with compliance assurance, guidance, and extending to advanced services such as penetration testing and strategic analysis.  These types of services have great value to an organization and prove to validate existing constructs, and assist in the overall posture of an organization.  Gap analysis reporting and regular vulnerability profiling tailored to an organization are some of the custom type of services that can be gained.  This is an era of signficant threats, increased functioning, increased information and combined with a motivated base of willing cyber-criminals, we are beginning to see the notions of reaction to the run of recent cybersecurity news.  Traditional computing is changing and security is a critical component of this changing landscape.  The very leading technologies and concepts we know continue to grow in the business landscape are contributors to these changes.  Things like cloud computing, mobile computing devices, big data and analytics, virtualization, streaming technologies, handheld apps, emerging services around these technologies and others all keep pushing the technology envelope where security has to be there every step of the way.

To add to Jolie’s list, one of the more recent stories has famed hacker GeoHot working at Facebook now.  While his role has not been publicized, SiliconAngle’s Kit Dotson looks towards his iOS knowledge and its value to the organization.  So in many cases, these “black hat” hackers indeed have a business value.  In the case of rogue organizations and movements like Anonymous, AntiSec and the now-dormant LulzSec, as outsiders they ring the clarion bell of the existence of threats.  Others may turn to penetration testing as an industry, implementing their security and technology knowledge to the betterment of the organizations that employs them.  Others have skill and creative assets in defeating device locking and hardware overall.  Whether it’s “black-hat”, “grey-hat”, or “white-hat” hackers, the bottom line is that in the world of security, you should consider not only the external threats at hand, but the potential advantages of embracing these types of dynamic skills in your organization.  Look for momentum to build in services around security as the technology landscape evolves and as we report on ServicesAngle these perspectives will continue to manifest in our coverage.