It started with a controversial poster in the UK – one of which was warning parents about their children and cybercrime - involving the Metropolitan Police and National Crime Agency logos. The poster all but confirmed that if your child was dabbling in various online tools such as Tor Browser and Kali Linux, they “could be a hacker.” Both organizations claimed they weren’t involved with the production of the poster, but the idea surrounding the poster’s message was a bit alarming considering it was sending a negative message towards tech education. Unfortunately, this stereotypical trend is nothing new to any individual who demonstrates these notable technology talents. And when legitimate software such as Kali Linux and Tor Browser is associated with cybercrime – this is particularly worrisome as it’s giving individuals a misconception of the term “hacker” and the cybersecurity world in general. Why risk young talent by immediately writing them off as malicious hackers?
You see, not every hacker is “bad.” They are a few categories of hackers – the “White Hat Hackers,” the “Grey Hat Hackers,” and the “Black Hat Hackers.” Their description seems self-explanatory but let us explain so there’s a clearer understanding. White Hat Hackers are the ethical security experts or individuals that are helping companies prevent and combat attacks from said Black Hat Hackers. WHHs typically specialize in penetration testing and other various testing methodologies to secure a company or organization’s information systems and business/personal data. BHHs are, of course, the opposite in that they hack/break into computer networks with malicious intent and may also release malware that destroys files and steals sensitive information – credit card numbers, passwords, names, addresses, etc. And then there are the Grey Hat Hackers who are also security experts but only at times violate the laws or ethical standards but with no malicious intent.
The importance of knowing the differences between the types of hackers is crucial. Currently, there’s a global deficit of cyber experts and we need to be cognizant of how we’re perceiving young adults’ desire in pursuing their technical skills. We will, without a doubt, risk alienating young people from the tech industry if they’re constantly being condemned for honing their cyber skills. It’s been reported that the global deficit is already beginning to affect security teams.
A recent Marlin Hawk study found that 66% of CISOs are struggling to recruit senior talent because candidates either lack the right level of technical knowledge (34%), don’t have the right experience (30%), or are not the right cultural fit (10%). This is especially prevalent in the APAC region, where 91% find it difficult to find the right talent, compared to 61% in the UK and 54% in the US.
We must begin shifting this narrative when it comes to cybersecurity hackers, especially in young individuals. The term ‘hacker’ naturally comes with an association of criminality, however, that’s not always the case. As mentors in the tech community, we have to teach and encourage others the positive benefits of our craft and to see cybersecurity as the viable career path that it is. If we continue to view young children's tech-savvy computer skills as a “bad thing” then that may, in turn, force them to keep it hidden, thus resulting in being driven more into cybercrime. Allowing them a beneficial outlet for their skills is critical in those early stages of choosing their career path and what they truly enjoy doing. Let’s see it for what an honor it could be – one day possibly being on the frontline of protecting us from the ever-growing cyberattacks.