By Leonardo Carmona, Senior Director of Cyber Security at Pismo
In recent years, new technological solutions driven by cloud technology and AI have redefined the products and services offered by financial institutions. New mobility and flexibility for transactions, online issuance, inquiries, easy access to Internet platforms, and a multiplicity of apps have attracted thousands of new business and private users. Consequently, the demand for qualified cybersecurity professionals has become increasingly competitive.
This landscape—also extremely attractive to hackers—demands even greater attention to cybersecurity, which has taken on a leading role in the list of concerns for banks, organizations, and companies in the sector. It is no coincidence that global investments in risk prevention and cybersecurity are expected to increase by 14.3% compared to last year, reaching 215 billion dollars. Given the increasing number of cyberattacks, optimizing cybersecurity and risk management programs is essential, especially for those in the financial sector.
Banks in various countries have faced attempted—and successful—breaches of their customers’ data. One of the most recent successful attacks occurred in the United States, leaking information from 7.6 million customers. The situation was made worse for the institution because, although it detected systems with performance issues, the bank has still not been able to determine how the attack occurred.
While no systems are perfect, and there may be exploitable gaps, strategies can be adopted to find and fix vulnerabilities before others do. After all, it is well known that “the best defence is a good offence.”
In my area of expertise, we combine an “onion” strategy—comprising multiple layers of security, including antivirus on users’ machines and multiple firewalls—with a proactive attack and prevention strategy executed by two cybersecurity expert teams, known as the “Blue Team X Red Team.” With different yet complementary profiles, these two groups bring together creative professionals who are in tune with the tactics used in the market and have a perspective that goes beyond the company’s boundaries and preconceived rules.
The Blue Team consists of professionals with a classical background in security. They are responsible for creating security policies, reviewing strategies, and developing new solutions.
On the other hand, the Red Team includes experts who are also trained in security but have more aggressive profiles. They act as “ethical hackers,” maintaining a routine of proactive attacks on the company’s systems to find flaws and vulnerabilities.
This combined permanent attack/defence strategy has enabled a much more accurate diagnosis of cybersecurity, corrections, and any necessary preventive actions for all systems in a sandbox or production environment.
How to become an ethical hacker
Outstanding cybersecurity professionals can become true ethical hackers and form a valuable line of defence against cyberattacks, which are growing exponentially worldwide. In Brazil, according to research by Check Point Research, there were 28 billion attempts during the first half of 2023. This year alone, the country has seen a 38% increase in the first quarter.
Ethical hackers, or white-hat hackers, need to be more than specialists in a specific skill. They must have a broad understanding of the various aspects of technology to see vulnerabilities and systemic flaws.
Here are some valuable tips for those who want to embark on this journey, shared by experienced experts:
– Clearly and objectively communicate vulnerabilities and issues found in systems so that everyone—technical or non-technical—can understand the consequences and the recommendations to be adopted.
– Emphasize the importance of continuous learning: new threats, tools, and technologies emerge constantly, and keeping up with them will keep you motivated and engaged in this dynamic field.
– Develop critical thinking and be open to new ideas (thinking outside the box); this will empower you to understand systems and solutions that change constantly and to anticipate possible attacks.
– Understand cybersecurity defence fundamentals, including security concepts (encryption, authentication, access control) and common vulnerabilities such as buffer overflows, SQL injection, and XSS.
– Understand cybersecurity laws, regulations, and ethical guidelines; this is crucial to avoid accidental illegal actions and to ensure responsible and ethical conduct in this field.
– To understand cybersecurity’s “offensive” side, be proficient in penetration testing tools (Metasploit, Nmap, Wireshark, and Burp Suite).
– Be proficient in programming languages (such as Python) or scripting languages (such as PowerShell and Bash), which will help you automate tasks, develop tools, and understand vulnerabilities.
– To evaluate and protect web applications, be familiar with application architectures and technologies such as HTML, CSS, JavaScript, and PHP.
– Be proficient with and understand operating systems such as Windows, Linux, and Unix; most systems will be based on these platforms.
– Understand how networks work, including protocols, IP addressing, routing, and subnets, to discern vulnerabilities and potential attack vectors.
– Continuously expand your technological knowledge through online training and certification platforms for cybersecurity professionals. The Internet offers various options, including courses with practical labs and tests.
The demand for professionals with these qualifications is increasing following rising threats. Many companies have already understood that “the best defense is indeed a good offense.”
About Author:
Leonardo Carmona is a Senior Director of cyber security at Pismo. With over 25 years of experience in the technology market, including 15 years as a security and digital transformation leader, Carmona has extensive experience in the financial industry, having worked with insurance companies, banks, credit bureaus, and financial services startups.