The Eastern Michigan University (EMU) Master of Science (M.S.) in Cybersecurity online program prepares graduates to protect and defend against real-world cyberattacks and digital threats. Students in this program learn the latest defenses against cybercriminals and how enterprises seek to strategically defend their systems, in part by anticipating attacks before they happen. In several courses, students engage in state-of-the-art research activities, including ethical hacking practices.

What Is Ethical Hacking?

Ethical hacking, more specifically known as penetration testing, aims to discover areas of vulnerability that criminals could potentially exploit so that valuable systems and data can be proactively protected. This practice involves third-party consultants or employed professionals legally breaking into systems to test organizational defenses. From the ethical hacker’s perspective, one of two outcomes are possible with each project:

  1. They succeed in exposing vulnerabilities and allowing an organization to close holes before hackers discover them.
  2. They fail to find areas of exploitation and confirm to an organization that its systems are secure enough to withstand a serious hacking attempt.

Penetration testers, or ethical hackers, work with information systems leaders to determine the computer assets that are in scope for testing, applications and services for protection and defense, whether service interruptions are allowed and if defenders will be notified about the test. The testing goals may demonstrate that systems are vulnerable to break-ins, denial-of-service attacks or data exfiltration. Once testing is complete, ethical hackers submit documentation and photos which may include failed and successful hacking methods and summaries or granular detail about vulnerabilities.

Ethical Hacking Is in High Demand

Additionally, WannaCry ransomware attacks (using malicious software or malware) are increasingly prevalent. Consider these statistics:

  • Security attacks increased 31% from 2020 to 2021, according to Accenture’s “State of Cybersecurity Resilience 2021” report.
  • The cost of cybercrime is predicted to hit $10.5 trillion by 2025, according to the latest version of the Cisco/Cybersecurity Ventures “2022 Cybersecurity Almanac.”
  • It takes an average of 287 days for security teams to identify and contain a data breach, according to the “Cost of a Data Breach 2021” report released by IBM and Ponemon Institute.

According to TechTarget, 69% of organizations are increasing their cybersecurity budgets in 2022, according to the Enterprise Strategy Group’s 2022 Technology Spending Intentions Survey. Among surveyed IT decision-makers, 85% expect their cybersecurity budgets to increase by up to 50% in 2022, according to a 2022 Kaspersky report on cybersecurity budgets.

Ethical hacking is the key to avoiding the potential 287 days to identify a serious data breach, so it is incredibly cost-effective for large enterprises to prevent attacks rather than respond to them.

Understanding the Terms

This exciting field has a lexicon all its own. Here are common terms and strategies that fall under the umbrella of “ethical hacking” and what they mean:

Penetration Testing: This testing method targets vulnerabilities in whole applications or individual components that criminals can exploit. It involves professionals working under constraints attempting to defeat the security layers of a system. Targets that may be tested include operating system platforms, applications, patch levels, network ports, users and IP addresses.

Red Teaming: Otherwise known as the red team/blue team approach, in this method, a group of authorized professionals conduct a mock cyberattack or use the known exploitation capabilities of cybercriminals against an enterprise. The blue team acts as the organizational defender over a period of time, while the red team attempts to demonstrate the impacts of successful attacks in a representative operational context. The blue team’s findings contribute to new recommendations that integrate into a total enterprise security readiness posture.

How a Professional Enters This Field

The EMU MS in Cybersecurity online program prepares graduates for jobs in cybersecurity, including those interested in ethical hacking.

Cybercrime is a constant threat that public and private organizations of all types and sizes spend considerable resources to prevent. Yet, while the frequency and severity of attacks continue to increase, organizations and their stakeholders and constituents can take comfort in knowing that an army of cybersecurity professionals, including ethical hackers, is doing all it can to stay ahead of the enemy.

Learn more about EMU’s online M.S. in Cybersecurity online program.