In this first installment of NinjaAnswers, SecureNinja Instructor and Chief Hacking Officer, Michael Vien, answers a cybersecurity question posted by a fan on SecureNinja's Facebook Page.

 

Q: Ninja team, given some analysis that there may not be a single bomb dropped during WWIII, what steps should major network infrastructures take to defend malicious attacks from hostile entities. Additionally, are you aggressively pursuing market share to be a company that teaches the 'offensive' tactics as well?" 

 

Michael Vien's Answer: 

The best defense for organizations now and in the future would be training but not only for those directly responsible for securing the data. All employees have a responsibly to help protect the intellectual property and/or the PII data of their organizations customers and employees. This is not a commonly accepted belief amongst management or employees. Many employees bemoan the need for security training sighting the fact they "don't have anything sensitive on their machine." They do not understand that any computer can be compromised and used as a launching point against the computers which do contain sensitive information. That doesn't mean those employees should be shipped out to information security training but rather that the organizations should institute internal, regular security awareness training. 

 

For the Second Part of the Question- SecureNinja's Answer:

While SecureNinja's desired impact is to create ethical hackers who can defend against cyber attacks like a NINJA, reaching that goal often requires teaching directly offensive hacking tactics. In our SecureNinja Advanced Cyber Warrior grouping of courses, you’ll find several courses that strictly feature offensive hacking tactics. These courses are becoming increasingly popular with the nation’s growing need for advanced level cybersecurity professionals. SecureNinja is committed to actively building upon our course offerings in the field of offensive hacking, and creating an increased supply of highly trained cybersecurity professionals. Or, NINJAS as we like to call them. 

 

SecureNinja Offers the Following Offensive Hacking Courses:

-Advanced Offensive Hacking and Penetration Testing w/ Wayne Burke

-Advanced Offensive Mobile Application Hacking w/ Wayne Burke

-Red Team Hacking w/ Kevin Cardwell

-The Art of Exploiting Injection Flaws w/ Sumit "Sid" Siddarth

 

Meet the Instructor- Michael Vien

Chief Hacking Officer

As the former Chief Information Security Scientist of Whole Security, one of Fortune Magazine’s Top 25 Breakout Companies in 2005, Michael was fundamental in creating the patent-pending behavioral technologies that drive the company’s endpoint security solutions. Mr. Vien has over 18 years of experience in Information Technology including networking, system administration, and development, with a focus on Information Security for a majority of that time.

Mr. Vien has performed penetration tests, network design/implementations, and application development for some of the largest corporations in the world including Bank of America,Symantec, Exxon Mobil, Ericsson, Sprint, and Abbott Laboratories. Mr. Vien has spent a considerable amount of time researching and developing viruses and Trojan horses to aid in his understanding of these types of threats, the result of which has made him aforemost expert in the field of malicious code. Accordingly his vast experience in the fields of Information Security, Identity Theft, Phishing, and Malicious Code, have lead to Mr. Vien being asked to speak frequently on these topics for a variety of public as well as government forums and panels.

Mr. Vien has also performed consulting services for over 35 US Government agencies. In addition, Mr. Vien has developed and taught various classes on Information Security for a number of Fortune 500 companies. Mr. Vien also developed the Attack and Penetration Methodologies for Sprint E-Solutions, including teaching this methodology to Sprint security personnel. In furtherance of his teaching experience, Mr. Vien has also developed and taught ethical hacking and malware classes for SecureNinja training in Washington, DC.

His certifications include CISSP – Certified Information Systems Security Professional, Certified Chief Privacy Officer – SMU/Cox,CEH – EC-Council Certified Ethical Hacker, ECSA – EC-Council Certified Security Analyst, LPT – EC-Council Licensed Penetration Tester, CCSA/CCSE – Check Point Certified Security Administrator/Engineer

Do you have a question for a Cybersecurity Instructor?  

Connect to SecureNinja on Twitter or Facebook and ask your question using #NinjaAnswers!