When you hear the term "ethical hacker," what comes to mind? Does the word "hacker" make you shudder, or do you see it as an essential part of your cybersecurity strategy?
At ProCircular, we believe cybersecurity is more than just technology or buzzwords. It’s about the people behind it. That’s why we’re shining a spotlight on the individuals who are not only shaping the future of cybersecurity but also playing a key role in ensuring the protection and success of your business.
Meet Alexis Diediker
Alexis Diediker embodies ProCircular's commitment to cyber safety, leveraging her unique background to provide exceptional security insights. As a Cybersecurity Consultant - Penetration Tester, she combines her service industry experience with technical expertise in network penetration and social engineering assessments. Holding certifications like CompTIA A+, Network+, and PenTest+, Alexis is also a recipient of the Women of Cyber Academy scholarship from The SANS Institute. Outside of work, she enjoys time with family and pets, as well as hobbies like quilting and cross-stitching. Her success is fueled by continuous learning and a passion for cybersecurity excellence.
We caught up with Alexis to hear her insights on ethical hacking and the evolving cybersecurity landscape:
What is an ethical hacker?
An ethical hacker is like your friend who used to do some very sketchy things but now has two kids and a minivan. In all seriousness, being an ethical hacker means being the bad guy and the good guy bundled into one. We find vulnerabilities within infrastructure and other entities like people, exploit those vulnerabilities, and then help organizations learn how to fix or lessen the blow of those downfalls.
Why was this profession so interesting to you?
There are two things I love doing: causing a bit of trouble and solving problems. This career allows me to do both in a technical aspect. There is never a dull day or engagement, so the thrill is never lacking.
What's your favorite part about working with clients?
Helping them understand risks, concepts, and solutions in a way that is understandable and manageable. Being from a non-technical background, I strive to explain things to people in ways that everyday people can understand.
What does it mean for you to be an ethical hacker?
Being an ethical hacker to me means being the bluntest of risk consultants. Any consultant from any team, red or blue, can express the severity of a risk to an organization. I get to show them firsthand exactly what small misconfigurations here or there can truly cause in their environments. It can be a very overwhelming and scary process getting penetration testing done, and it's our job to make the process less scary and judgmental and more educational and hopeful.
What have been the most significant changes you've seen across the cyber landscape in the last few years?
Artificial Intelligence (AI) is definitely evolving the industry for all aspects of this field. A lot more attacks can be automated, whereas defense software/products can start to think like human beings and prevent more unique attacks.
If you could wave a wand and solve one problem in the cybersecurity industry, what would it be?
I would make cybersecurity education, risk awareness training, and security auditing free for non-profit organizations helping our community that do not have the budget to protect themselves properly.
What's the advantage of having someone hack into an organization's system?
We can all be blinded by our vulnerabilities, even when we feel the most protected. I often tell people to imagine paying someone to attempt to break into their home. Maybe there are older locks on the windows or a cellar door that can be broken through. These things, a lot like older systems in networks or attack vectors we never knew existed, can often easily be taken advantage of. Having a very realistic experience as well as evidence from testing an organization's network can often convince the right people that steps need to be taken to resolve these issues.
The person in charge of the budget is generally more convinced that more security measures are needed when they see us dump all of the passwords from their network.
Want to learn more about ethical hacking in penetration testing and how it can protect your organization? Reach out to our team or email us at sales@procircular.com today!