News article

•   11/23/2016
•   Digital Services Industry & Energy
•   Created by Christina Münchhausen

As the level of networking increases, the hazards associated with unauthorised parties accessing corporate systems are growing accordingly. Professional hackers like the security analysts from TÜV TRUST IT are therefore gaining importance in the context of defensive measures against digital intruders. They must be accomplished specialists in several fields.

Hackers are known for being resourceful code breakers in their efforts of gaining unauthorised access to corporate information. But security analysts act as hackers too, the crucial difference being that they search for possible weak points in defined systems by deliberately initiating attacks in the scope of a customer order. In the context of defensive measures, they are becoming an increasingly significant factor in identifying security holes. But what are the skills professional hackers need to possess, given that neither a clearly defined job description nor an official degree programme exists? According to André Zingsheim from TÜV TRUST IT, himself a security analyst acting as a hacker, the key competency requirements are: 

• A broad basic knowledge of IT: Only someone who has already delved deeply into the digital technologies can understand the world of hacking. This is why prospective security analysts must be able to read source code and know their way around the functionalities of applications, operating systems, databases and information security. The ability to penetrate the various IT disciplines in an abstract sense is of equal importance, however.

• In-depth understanding of networks: As data are transferred via network protocols, a security analyst needs to be at home in this field. Even if only the most widely used protocols, such as TCP/IP, FTP, DNS, HTTP, SSH or SSL/TLS, are taken into account, this covers a broad area.

• Basic programming skills: Security analysts must be able to quickly familiarise themselves with a new programming language if necessary. For when investigating technical infrastructures, they will sometimes need to write their own scripts or exploits in order to determine a specific system behaviour.

• Understanding the workings of security tools: In the scope of in-depth technical security investigations, the analyst applies a broad set of tools specially designed to be employed for a wide range of purposes. To do so, they must have a thorough understanding of the tools’ workings and, most importantly, be able to use them intuitively.

• Insight into relevant standards: The list of specialist knowledge required includes adequate familiarity with the standards on information security, such as ISO and BSI standards.

• High level of analytical skills: Without intrinsic talent and analytical thinking, the gaining of new insights will be very limited. Considering that the behaviour and reaction of IT systems to various events and complex conditions must be examined, the analyst must be able to discern how a system treats data, what it does with them, how it processes them and how the data processing operations are related.
• Lateral thinking and curiosity: Creatively looking for weak points in security systems requires an ability to consciously take different perspectives and to get a sense of the bigger picture beyond structured guidance. After all, the job usually requires finding something that the company in question failed to take into account. This also includes a talent for experimenting and a readiness for continuous learning. 

·         Social competence and empathy: It is also necessary to understand people in the context of their respective corporate culture, as social engineering activities are part of hacking projects as well. Because intruders try to obtain sensitive information through specific people. A security analyst therefore needs to have as clear an idea as possible of how users react to, say, a phishing email.