An increasing number of businesses are engaging ethical hackers to test their security. There are various reasons why businesses are using ethical hackers. Firstly, they are used to determine the current state of affairs, e.g. what is the risk that client data will be stolen. Are you a target and should you adopt measures? Secondly, you can check whether intended security measures are functioning correctly.
Playback of this video is not currently available
The PwC ethical hacking team checks the IT systems of critical infrastructure, such as trains, sea locks and power stations. There are two test methods: penetration tests and red teaming. In the case of penetration tests, the hackers concentrate on detecting technical vulnerabilities and possible means of misuse in a predefined area. In the case of red teaming, a certain objective is set and the ethical hacker employs several scenarios to achieve that objective. Consequently, an explicit part of red teaming is the human aspect and combining different attack scenarios. We use this means of testing to simulate a genuine attack.