"I often use 'hacker' and 'security researcher' interchangeably."
So said cyber security expert Keren Elazari in an open interview with ITWeb on Twitter yesterday.
Elazari, who has become known for advocating a positive change in the way we see hackers, will present an international keynote at ITWeb Security Summit 2015 later this month on engaging hackers to strengthen operational security.
Although the term "hacker" has popularly become synonymous with "cyber criminal," it originated as a term for the best and most creative programmers, said Elazari. She adds that Apple co-founder Steve Wozniak, Facebook co-founder Mark Zuckerberg, and WhatsApp co-founder Jan Koum were once hackers.
Elazari puts forward that while many hackers use their skills for criminal activity, many help reinforce cyber security by finding and reporting bugs and loopholes.
"That's why the criminalisation of security research will only hurt the industry, and do nothing to de-motivate criminals," she warned. "Governments and corporations must realise that going after 'friendly' hackers, who report bugs for a good cause, is actually counter-productive."
Elazari optimistically notes that many multinational corporations are exploring different ways to work with hackers to reinforce security, such as innovation competitions, hackathons, and bug bounty programmes, which are crowdsourcing initiatives offering monetary rewards to individuals who find bugs.
Asked how to approach the possibility that a hired hacker could be a criminal posing as a security researcher, Elazari responded, "how do we deal with corrupt policemen, government officers or doctors? By building trust, transparency and cultivating ethics."
Share