The goal is to make the world a better place - but everything starts with curiosity

I've been lucky enough to interview Ann, having a passion for "white hat hacking". On
daily basis is Ann a real IT security geek, both at work, but also in the
private. Why and how you can read more about here.

Ann, 29 year. Have read cand.merc.it on CBS. Today employed at NNIT as IT security specialist through NNIT graduate program. Before she found out, that she wanted to work with IT- security, she traveled around the world, and has also helped to translate the book "Coding for children".

 

Based on Children Height

I first met Ann for an event in Coding Pirates, where she taught children in hacking.
This aroused my curiosity, of course we must hacking down for children.
I was curious as to her story and thought, that IT security really is a field which are all
need to have a curiosity of today.

Copyright and Ethics

Ann's interest started with issues like copyright and privacy policy, so it was the ethical
side of IT security, caught her. When she began to study at CBS, she got through
his studio projects to dig deep. And as it now, went over and
was more geeky in her specialty with IT security standards.
Programming came little by accident, says Ann. She had messed with it at leisure, men
it was only when she got programming on the table in the studio, she discovered how quickly,
you could start using it, you learned. In fact, says Ann, that you should just throw themselves
out of it and try a programming language. She recommends to anyone interested to go online
and sample some free courses, for example Codecademy. You can start with one of the
easier language like Python, but the important thing is to have walk-on- mod. If you are completely new and
will learn the principles of the program, you can also try to play with Scratch.

The good and the bad

There are good and bad hackers. The hackers, whose purpose is to harm others and
destroy data called "Black Hat Hackers". The good is called the course "White Hat Hackers".

How do you see yourself as a white hat hacker?

A white hat hacker that improve things – they do so not to destroy things, or for own
personal gain. White hats obtain a permit from them, there being hacked, and
helps close security holes. I work clearly to make the world a better
place, Whether I sit with hacking or other tasks.
A hacker is not just one, there doing something with computers. A hacker is curious and will
constantly find out, how things work, and how they can be changed or improved. The
can be digitally, but also everything else, For example, there are many, that "hacker" furniture
from Ikea to new, exciting purpose. It is more an approach to the world, and that is
curiosity, above all drives you. Although I have a lot to learn - even more
areas than hacking. So I would rather be called IT security geek than white hat
hacker.

There is also a part, who believe that this part of the IT security industry is not for girls,
but there will soon be surprised - some of the best in the industry are girls, and behind a
computer screen is not sex, determines what you can, it is your knowledge,
skills and your willingness to learn.

Hacking is also everyday

How is your working day?

As a graduate, I have worked with IT security from many different angles. In periods,
I have worked with hacking, I sit for a day and find holes for customers. It may
For example, on a website, where there is a security hole, which makes malicious
the hackers could damage the site or extract data. Our customers are for example public
customers or pharmaceutical companies such as Novo Nordisk – they prioritize often security
extremely high, because it is about people's health and lives. We combine mostly with tools,
For example, scanning for vulnerabilities, and then we work with risk assessments,
When a vulnerability is critical. The job is very creative problem solving, for we have not
answers in advance.

It is also important to work with IT security from multiple angles. For example, we make
also training material for developers to dress them properly about the safety and risks,
and considering security from the start when developing.

The work also has another effect on everyday life: the more you work with IT security, already
more småparanoid you also. You do that, because you all the time have to put you in
the attacker's site and try to anticipate the worst, that can happen, so you can give them struggle to
the line. An example of the small-paranoia is the chip, we have in our credit card: there is actually one
risk of, that it can be scanned by a credit card reader, while I'm standing in the subway - so I
ensures that block the signal, as long as the card is in my wallet.

Protect the treasure chest

In IT security talks Ann on "blue team" and "red team", which have different roles. Both
teams should try to familiarize themselves, how an attacker thinks, and the goal is to protect
treasure chest - that systems and data.
The red team is the attackers, who will try to get to the treasure chest. It is for
example, white hat hackers, looking for holes. The blue team's defense content, as
to defend the treasure chest. They do this for example by setting up firewalls, control accesses
and track suspicious activity.
It's fun to put the game up and find vulnerabilities, but Ann says, she as
like sitting on the defense team.
Ann tells additionally, she really like, when they put a 'hackathon' up in NNIT.
So they sit over the weekend and practicing different tools and play games to
get new ideas and learn, both as attackers and defenders. For example, through Capture
The Flag (CTF) game (see links at the bottom of this article).

detective work

What has been the most fun task, you have helped?

It is more fun when going detective work assignment, and I have to solve a new problem. It may
be when I try to find security holes, but it's also when I sit with development
and trying to get the code of acting, or samples that solve a problem in the architecture. I have for
example helped to set up a system, which controls accesses. It sits as a
octopus with his long arms into all possible systems, and encountered a host of
problems, to be solved, when you have such one to fit into a company's
environment.

Specialistviden

What motivates you on daily basis?

It promises to be better and assimilate me special knowledge, that can help the customer. It's great to be able to
find and help mitigate the risks in the customer's system, the customer does not even know
exists, or do not know how best to solve.
In NNIT graduate program I have also the chance to geek out a lot, meeting
many different people and collaborate globally. I work for example with
colleagues from China, Phillipines, Czech Republic and many other countries. It is awesome, we are many in
the same program, that work across the entire company. We have a really good team, and
also takes on vacations together.

Future jobs

What is your recommendation to others, who want to be white hat hackers?

You can be a way, begin anytime. It's about being curious and continue.
Start by learning the principles of programming (for example, through websites such as
Codecademy) and try their hand at a lot of Capture The Flag (CTF) game, can teach you
find pitfalls in systems (see links at the bottom of this article). Here you are also sure,
you are allowed to try to find and exploit security holes.

Always make sure to have permission from them, trying to hack!

For children and young people, who are interested in IT, I would also like to highlight, NNIT has a
school service for people school classes: We are very aware of, that we should support children and
young in their interest in IT. We need a lot of specialists in the future, so we would like
help promote the interest.

 

Bonus Info
Created by Mia Meldgaard