Ralph Echemendia is a hacker. And he’s ethical. For more than 20 years, Echemendia, aka “the Ethical Hacker,” has delivered training on hacking and security to some of America’s leading corporations and federal agencies, including Google, NASA and the US Marine Corps. That work has also taken him to Hollywood, where Echemendia has worked as a technical supervisor providing digital security to such directors as Oliver Stone.
Now Echemendia is bringing his expertise to Washington, D.C., for the 6th Annual Public Sector Cybersecurity Summit. In advance of his talk, “The Truth About Hacking: Can You Handle It?” WashingtonExec spoke with Echemendia about hacking, the truth, and whether corporations can really handle it.
WashingtonExec: What’s the No. 1 truth about hacking that you’ve found most corporations can’t handle?
Ralph Echemendia: Everything is hackable, everything will get hacked. There is no simple solution or idea of preventing a targeted hack. The weakest link is the human factor.
WashingtonExec: What makes you an “ethical” hacker?
Ralph Echemendia: I hack for the greater good. I do not hack other organizations, people or companies, only the organization that is hiring me with proper authority approval.
WashingtonExec: What key technologies are you tracking in the cybersecurity space?
Ralph Echemendia: All things web application-based. With the “Internet of Things,” as we grow more and more dependent on technology and connectivity, I focus on the threats and vulnerabilities — and more importantly, on how they can affect our daily lives — from medical devices to web sites and mobile applications.
WashingtonExec: What top tips do you impart to corporations in your hacking training?
Ralph Echemendia: Building resilience is the key. It’s not just about the technology, you must address the people and the process. Building more secure people is the hardest of these to ensure.
WashingtonExec: What do your security audits and penetration tests typically uncover?
Ralph Echemendia: They uncover the weaknesses in their controls, technologies and procedures. These are necessary to constantly watch as they change with every new hire, technology implementation or policy requirement.
WashingtonExec: What’s your ultimate takeaway to prevent hacking?
Ralph Echemendia: Awareness is key — we are only afraid of that which we do not understand.
Want to hear more? Check out Ralph Echemendia’s talk, “The Truth About Hacking: Can You Handle It?” at the 6th annual Public Sector Cybersecurity Summit.