The general media, scaremongering and IT illiteracy...

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

I don't read much mass media these days for exactly those reasons
the majority of it is uneducated tripe and fearmongering aimed solely at selling papers, not reporting anything

 

Arro

This is just part of what I have to put up with when explaining what I do to non-technical people. Inside the IT industry, I'm looked on with a mixture of appreciation and disgust - I've lost count of the number of people who think my idol is Neo from the Matrix, or that are convinced I'm running invite-only FTP servers or warez sites, or am a botherder, or Christ knows what else. By the same rationale, many peers know that security bods are essential in protecting infrastructure, and are genuinely pleased to have one working in thier department/organisation.

Outside the industry its a completely different matter. I remember once interviewing for a role where they wanted someone to look after their infrastructure (A sys/network admin job), but also 'look at their security systems' because they 'weren't working very well'. There were no technical staff on the interview panel other than a hands-off IT manager (it was a relatively small company and I would have probably been doing everything from patching to upgrading to AD) When I asked when they were last pen-tested they looked at me blankly. I had to then explain what pen-testing was - whereupon I was met with incredulous looks "You mean we have to PAY someone to hack us?" The interview deteriorated pretty much from that point, but I had fun telling them that they didn't really want a Network Admin with a bit of security experience - they wanted a CEO who understood the absolute basics of network security!

Chuck about a term like 'Ethical Hacking' and often technical people people start to get all touchy about things at the best of times, let alone when the meedja gets a hold of it on a slow news day and asks a clueless journalist to write a piece about 'HACKING!!!!'

Its insane that people can't understand that in order to understand what a hacker is doing to get into your systems, you have to know the tools, tricks and techniques they use to do so.

Then again, every time I see a tech-related story on telly or in the paper I amuse myself by totting up the inaccuracies contained within it. What makes it even more depressing is that, when you take the time to learn the basics, security isn't really that hard a topic to grasp. The mainstream media seem to take the Chris Rock approach to anything to do with IT - wearing ignorance like a badge of honour "What's the capital of Zaire? I don't know that shite - I'm keepin' it real!" simply because its seen as 'geeky'. When security is involved, they always just play it lazy and shove a load of scaremongering into their stories.

Just ignore it - it will never change and if you let it bother you you'll end up seething. You're better off knowing the truth and, since you already know that 'Ethical Hacking' is a valid, vital part of any organisation's security, that instantly elevates you above the average media sheep.

 

Believe it or not, there are some employers who will NOT hire someone with the CEH certification because it has to do with "hacking".

 

Lol....

I'll bear that in mind when i next move jobs....!

As an IT professional you like to think that your CV will be viewed by responsible and competent IT Managers or other such professionals.

However it's worth remembering it may also be viewed by uneducated IT managers or uneducated HR folk!