Friday, 19 September 2014

Top 10 TOGAF resources you don’t need to pay for


You won’t have to shell out any cash for these useful resources. From exam simulators to enterprising ebooks – you’ll definitely be in a better position to pass your TOGAF 9.1 exam first time.

Leading the development of open, vendor-neutral IT standards

 In no particular order...

1. TOGAF Exam simulator

Manuel Di Toma has created a nifty resource for Enterprise Architects studying for their TOGAF 9 certification. Manuel has ensured this exam simulator has been verified by TOGAF® 9 certified Architects. However, it’s worth noting that The Open Group are not directly involved in this resource.

Create a basic account and you’ll be able to save your exam progress and return to it later by logging in.

Access it here.

2. TOGAF 9 in pictures

Created by software company Orbus, this resource is incredible for visual learners. Though not complex enough to rely entirely upon, this resource will make for an undeniably useful revision tool.

You’ll have to spend 2-3 minutes creating an account to access the pdf file but it’s a small price to pay for this useful document.

3. TOGAF 9 Multiple Choice Questions

Composed by enterprise architect, Chris Eaton, and hosted on his blog, these questions mimic the multiple choice sections of the TOGAF 9 exam. Thanks to a great community response, Chris has also released a set of exam scenario questions.

There aren’t many of either question type but it remains a great means of preparation for your TOGAF exam.

Find both sets of questions, in pdf format, here.

4. Another set of TOGAF 9 Multiple Choice Questions

This time the questions are provided by Udayan Banerjee. The set of practice questions are simply hosted on his blog and do not require a download. Make sure you scroll down for the answers!

5. But wait, there’s more! TOGAF 9 Foundation Multiple Choice Questions

Hosted by Glasgow based Techbolo, this is a treasure trove of TOGAF foundation exam questions. Created through PHP, this exam format allows you to resume, skip and return to previous questions.

6. Official TOGAF courseware

This goldmine of slides, reference cards, templates and white papers will be a great supplement to any Enterprise Architects revision efforts. Not to mention, these are official TOGAF resources from The Open Group, so you know you can’t go far wrong.

7. Enterprise Architecture for Dummies 

This 55 page presentation is a great introduction to TOGAF. Despite it being clear that this resource originally accompanied a verbal presentation, it’s still worth checking out.

8. TOGAF 9.1 Quick Start Guide for IT Enterprise Architects 

‘Why would anybody need a short 60 page book on TOGAF 9.1 if TOGAF itself is a 690 page architecture framework?’ asks Wolfgang Keller in the preface to his book.

Well, Wolfgang argues that whilst TOGAF 9.1 covers most things in-depth, it doesn’t provide a quick overview for IT enterprise architects.

‘There are areas of an IT Enterprise Architect’s task list which are not covered by TOGAF at the moment. This makes it a rewarding task to give people interested in TOGAF an idea of what they can expect and what they have to find elsewhere.’

Access his 60 page eBook here.

9. Frequently Asked Questions about TOGAF

If you just want a broad overview of everything TOGAF has to offer, this is a great place to start. These questions are all ones we are asked regularly (and yes, we did create this resource ourselves)

10. ‘TOGAF Distilled’ from Orbus Software

These well produced videos provide a minimalistic overview of TOGAF. There are 8 in total and each cohesively describes a top-level view of the enterprise architecture.

About the Author:       
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Thursday, 18 September 2014

5 tips to help you pass your Network+ exam


CompTIA’s Network+ certification is a vendor neutral, entry-level credential. It focuses on key elements of networking, such as installing, maintaining and troubleshooting basic networks. Earlier this year we have shared 5 tips to help you prepare for your A+ exam (which is strongly recommended prior to the N+) so it only seems fair if we do the same for the Network+.

The exam takes 90 minutes. It is a mixture of multiple choice and performance-based questions totalling 100 at most. You need to score at least 720 (roughly 80%) in order to pass. And now, let’s see how you can make sure that you’ll pass.  

You can never go wrong with the official source

Check out CompTIA’s website to boost your learning. The website offers a comprehensive overview of exam objectives, sample questions and a trial version of CompTIA CertMaster. This tool uses the latest scientific findings and tricks to enhance your learning and help you remember and retain large amounts of information more easily.

Firebrand Learn

Make your way to Firebrand Learn, our free self-study platform where you can access the entire courseware for the Network+ certification. This will help you cover everything from Network Technologies to Network Security. Expect plenty of illustrations and graphs to aid your understanding of the focus areas. 

Read Mike Meyers’ books

Mike Meyers is a best-selling author of CompTIA certification books. Check out his Network+ Certification All-in-One Exam Guide and Network+ Certification Passport and you’ll cover everything you need to know about passing the Network+ exam.

Test your knowledge with quizzes

Once you have covered everything, testing your knowledge should be your next step. ProProfs is an online quiz maker that offers a range of Network+ questions, provided by CompTIA. Why is it any different than the CompTIA sample questions mentioned earlier then? ProProfs times your test and gives you the answers straight away, so you can monitor your progress whilst doing the exam - that’s why.

And the obvious ones…

Read the questions AND the answers with equal care. These really seem obvious, but sometimes you might get answer options that only differ slightly from one another and that’s when you really need to understand what the question asks, so stay sharp and read them carefully.

Reading your responses is probably even more important. Bear in mind that there can be close acronyms of terms, like OS2 vs. OSI. Also, if you think a question is wrong, you are probably wrong. So instead of doubting the question, double check your answer and make sure you address it as well as possible. If you think a question is difficult to answer, don’t waste time on trying to crack it. Go for the easy ones first and you’ll have time in the end to go back to more difficult ones.

Follow these steps to help your preparation and during the exam, and get your Network+ exam out of the way. Good luck! 

About the Author:       
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Tuesday, 16 September 2014

Practice beats theory – small and medium businesses value apprenticeships over degrees


Recent university graduates have to face the fact that their degrees don’t land as many job opportunities with potential employers as they used to. Read on to find out what the reasons are behind this downturn in the value of university qualifications.

Practice outweighs theory

According to research by Sandler Training, employers, predominantly small and medium sized enterprises (SMEs) have become more focused on the practical skills a potential new employee can bring to the table. This is purely because practical skills immediately deliver more tangible effects on a business.

The research also revealed university graduates are slightly less likely to be hired than those who have chosen the apprenticeship route.  Although the difference is marginal at present (51% vs. 49% in favour of apprentices), based on the responses of the surveyed SME’s, there’s an expected 20% rise in the hiring of apprentices over the next five years. At the same time, there’s only a mere 7% expected increase in the numbers of graduates hired.

What do students think?

Toni Pearce, NUS president, recently said: “An NUS poll of over 1,000 graduates found over half of them believing that ‘gaining experience’ is the main barrier to securing a job.”

A different poll by Ipsos MORI also revealed that youngsters in the UK think degree-level apprenticeships are better for future careers prospects than a traditional university degree. However, despite the growing popularity of vocational training paths, the majority of parents (56%) are more likely to encourage their children to take on a degree over an apprenticeship.

Do you want to avoid being rejected for having no work experience? Get hands-on with an IT apprenticeship and you’ll learn crucial skills, while you also earn money. Watch the following video by the National Apprenticeship Service to get a better idea of what you can achieve as an IT apprentice.

Apply now and kick-start your career

If you’re committed and not afraid to “get your hands dirty” we have tons of great opportunities for you. Visit Firebrand Apprenticeships to find out more about our programmes and the qualification you will get whilst working a paid, full-time role.

What Firebrand Apprentices said

  • “Loved it! Don’t want to leave. Enjoyed all of it, learned some great things.” – Timothy Rabson
  • “I feel that this has started to become the most rewarding educational experience I have had...The instructor makes lessons interesting, treats us like adults and respects us.” – Elizabeth MacKenzie
Learn more about Firebrand Apprenticeships and apply now.

About the Author:       
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Friday, 12 September 2014

Massive Cisco CCNP Changes Incoming


In response to the ever evolving state of networking and growing demand from employers, Cisco will be making huge improvements to their CCNP certification.

So what exactly are the CCNP changes? Here’s a quick FAQ to explain…

Q. What’s new?

A. The CCNP has been renamed the Cisco Certified Network Professional Routing and Switching certification (or CCNP Routing and Switching). All three courses in the current CCNP certification route have been updated and new exams have also been introduced.

Cisco has removed wireless, voip and video content topics from the certification. In addition, IPv6, Cisco StackWise, VSS and DMVPN technologies have been introduced.

Q. Why has the name been changed?

A. Changes in job requirements have led to an increased focus on routing and switching technology. This rebrand brings the name in line with other related technology certifications.

Q. How are the exams changing?

A. The exams are being altered to reflect the new content of the CCNP Routing and Switching certification.

  • Exam 642-902 ROUTE is being replaced by 300-101 ROUTE
  • Exam 642-813 SWITCH is being replaced by 300-115 SWITCH
  • Exam 642-932 TSHOOT is being replaced by 300-135 TSHOOT

The current exams are set to retire on the 30th January 2015.

Q. But I’m already training for the CCNP! What happens to me?

A. Candidates already in the process of attaining the CCNP certification will have the option to complete their remaining exams before they are retired on 30th January 2015.
If you have completed some of the CCNP exams, you can mix these with the new CCNP Routing and Switching exams (you won’t need to take any of your passed exams again).

However, the new 300-135 TSHOOT exam assumes knowledge of 300-115 SWITCH and 300-101 ROUTE, so candidates are advised to review the newer curriculum during their preparation.

Q. Have the prerequisites changed?

A. Valid Cisco CCNA Routing and Switching certification or any Cisco CCIE certification will still act as a prerequisite. Nothing has changed.

Q. I already hold the CCNP, how can I achieve the new CCNP Routing and Switching?

A. If you are currently a CCNP you will automatically become a CCNP Routing and Switching holder in Cisco’s database. Either way, you’ll definitely benefit from educating yourself on the new topics.

Q. What are the recertification requirements for CCNP

A. The CCNP Routing and Switching certification is valid for three years.

And remember, if you do want to get certified before the legacy exams are lost forever – the last day to take them is the 30th January 2015. 

About the Author:       
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Five reasons why you’ll want the MCSD: Web Applications


The Microsoft Certified Solutions Developer (MCSD): Web Application certification is one of the four top tier credentials designed for professionals and developers. But let’s see what the biggest reasons are for adding this certification to your collection.  

A proof of your skills and expertise

First and foremost, earning your MCSD won’t just mean adding a fancy four-letter suffix to your name. The MCSD: Web Applications will improve, as well as prove your ability to build high quality applications, which will meet current market criteria, using Microsoft tools, techniques and technologies.
Needless to say, having the MCSD: Web Applications under your belt will significantly increase your hiring chances against your non-certified peers. According to recent studies 59% of managers feel that a certification shows the candidate’s commitment, while 58% think that a certification shows initiative and innovativeness.

Besides developing your own skills and abilities, your MCSD will also positively impact on your organisation’s and/or team’s performance.

Great earning potential

MCSDs in general bear great financial benefits and the Web Applications certification is no exception. According to the salary trend shows a solid average of £40,000 per annum, however you can also see that the top 25th percentile range has been around and above £50,000 a year for the last 4-5 years.


Develop Windows Store apps for a higher commission

In hope of catching up with Google Play and Apple’s AppStore, Microsoft is offering a rather generous commission for developers creating and selling their applications through the Windows Store. The starting revenue share base is 70%, i.e. Microsoft takes a 30% fee/commission for offering the app in the Windows Store. However this becomes an 80%-20% split once an app has achieved $25,000.
So if you’re an (aspiring) app developer, this is a fantastic opportunity to cash in on your expertise. For more information read the App Developer Agreement.

The age of HTML5

HTML5 is the latest revision of the HTML standard and since the end of 2012 it is a candidate recommendation of the World Wide Web Consortium. HTML5 reduces development time; therefore it is cheaper and faster than its predecessors, not to mention that it is also mobile friendly.

The MCSD: Web Applications teaches you how to create style and develop HTML5 pages, and use HTML5 APIs to add interactive features to a web application. These skills will certainly put you in the camp of HTML5 developers, who are currently in very high demand.

Cloud business with Azure

A few years ago cloud computing was just a buzzword, rather than a key piece of the IT jigsaw. However, over recent years the cloud has become one of fastest growing, most versatile technologies and of course cloud professionals are also in high demand.

Azure is Microsoft’s cloud platform created for building, implementing and managing apps and services through a network of datacentres supervised and managed by Microsoft. With the MCSD: Web Applications, you’ll be a master of Azure. You’ll learn everything from creating and coding Azure services to configuring Azure diagnostics.

There you have it, five reasons why should not think twice about getting your MCSD: Web Applications certification. The sooner you get it, the sooner you can enjoy these benefits. 

About the Author:       
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Monday, 1 September 2014

Do Microsoft’s exam extensions affect you?


Microsoft has extended the availability of a large number of exams for soon to be legacy certifications: MCITP, MCTS and MCPD.

Originally due to expire on July 31st this year, the following exams will now be available until 31st July 2015:

MCTS - Microsoft Certified Technology Specialist

Exam 70-177: Microsoft Project Server 2010, Configuration

Exam 70-433: Microsoft SQL Server 2008, Business Intelligence Development and Maintenance

Exam 70-511: Microsoft .NET Framework 4, Windows Applications Development

Exam 70-513: Microsoft .NET Framework 4, Service Communication Applications

Exam 70-515: Microsoft .NET Framework 4, Web Applications Development

Exam 70-515: MCTS: Microsoft .NET Framework 4, Data Access

Exam 70-663: Microsoft Exchange Server 2010, Configuring

Exam 70-662: Microsoft Exchange Server 2010, Configuring

Exam 70-667: Microsoft SharePoint 2010, Configuring

MCITP - Microsoft Certified IT professional

Exam 70-450: Designing, optimizing, and maintaining a database administrative solution using Microsoft SQL Server 2008

Exam 70-451: Designing Database Solutions and Data Access Using Microsoft SQL Server 2008

Exam 70-699: Windows Server 2003, MCSA Security Specialization Skills Update

Exam 70-668: Microsoft SharePoint 2010, Administrator

MCPD - Microsoft Certified Professional Developer

Exam 70-518: Designing and Developing Windows Applications Using Microsoft .NET Framework 4

Exam 70-519: Designing and Developing web applications Using Microsoft .NET Framework 4

What next?

The extension of these exams means you now have more time to achieve your MCPD, MCITP or MCTS certification. Visit us to see what other Microsoft certs are available.

About the Author:       
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Wednesday, 27 August 2014

Frequently Asked Questions about MCSE: Private Cloud


The MCSE: Private Cloud certification demonstrates your skills in deploying and managing Microsoft private cloud computing technologies. But what exactly is covered in this certification and what are the benefits of attaining MCSE: Private Cloud? In this post you’ll get all the answers to these and other frequently asked questions about the MCSE: Private Cloud certification.
What’s covered in MCSE: Private Cloud?

Microsoft’s private cloud solutions are built and managed through Windows Server 2012 R2 and System Centre 2012 R2, allowing you to maximise the flexibility of your IT infrastructure.

The MCSE: Private Cloud teaches you the following skills:
  • Configuring and deploying the cloud fabric.
  • Building the core components necessary for delivering services on the fabric.
  • Configuring data centre process automation.
  • Allocating resources to a cloud and grant access to a cloud.
  • Configuring a PXE server, an update server as well as a software update baseline.
  • Configuring Microsoft Server Application Virtualization (App-V).
  • Understanding how to monitor clouds using Operations Manager.
  • Understanding the tools necessary to extend and customize Operations Manager for cloud environments.
  • Setting up, configuring, and integrating the core components of Service Manager into a cloud fabric.
  • Configuring a service catalogue, and publishing it to the Self-Service Portal
Who is the MCSE: Private Cloud certification for?

The MCSE: Private Cloud is ideal for server administrators, network administrators and data centre administrators working with Microsoft technologies. This certification validates their skills in designing, installing and configuring private cloud infrastructures.

Are there any other cloud certifications from Microsoft?

Currently the MCSE: Private Cloud certification is the only strictly cloud-related credential available from Microsoft, however it would not be surprising if there were new ones coming in the next year or two.

How can I get MCSE: Private Cloud certified?

Building your private cloud requires an in-depth understanding of Windows Server 2012 and System Centre 2012. Therefore, as a prerequisite to getting this certification, you need to already hold your MCSA: Windows Server 2012.

Once you have completed the prerequisite certification, you can work towards the MCSE> Private Cloud. This involves passing the following exams:
  • Monitoring and Operating a Private Cloud with System Center 2012 Exam 70-246
  • Configuring and Deploying a Private Cloud with System Center 2012 Exam 70-247
How can I prepare for the MCSE: Private Cloud?

There’s a great set of resources that will help you with your preparation.  If you need exam help, visit the Microsoft Virtual Academy and/or watch the following preparation session from TechEd North America 2014:

If you’re after something more thorough, check out Keith Mayer’s comprehensive guide to building a private cloud in just one month. You’ll find loads of great articles, videos and ebooks here. 

What are you waiting for? Leave the world of public clouds behind and build your very own private cloud to ensure that your data stays safe.

About the Author:       
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Friday, 22 August 2014

5 ways to prepare for your CompTIA A+ Exams you didn't consider


Many an IT professional’s career has been built upon the solid foundation of knowledge that comes from achieving CompTIA’s A+ qualification. In fact, over 925,000 people around the world have achieved the A+ over the past 20 years.

Several major brands – like Dell, HP and Lenovo – require that their channel technicians are A+ certified in order to service their products.  It is also supported by government branches like the US Department of Defence.

Plus, the skills you’ll pick up from this certification are vendor neutral, making them infinitely useful across your entire career.

The A+ proves you have a good level of knowledge and troubleshooting skills needed to provide capable support to personal computers.

There are other ways to revise for the A+
Image courtesy of cohdra/morgueFile

Get A+ certified

In order to don your A+ badge with pride, you’ll have to pass two exams:

          CompTIA A+ Essentials, exam code 220-801
o   Which covers basic computer concepts, PC hardware, basic networking, soft skills and safety
         CompTIA A+ Practical Application, exam code 220-802
o   Which covers operating systems, security, mobile devices and troubleshooting

Each exam takes 90 minutes and you can expect to complete around 90 questions per test.

But, just because it’s an entry level certification, don’t think it’s a push-over. Perhaps the worst thing you can do is have misplaced confidence, if you don’t prepare for the exam, there’s a good chance you won’t pass.
So if you’re gearing up to take A+ or your 3 year A+ recertification is coming up – here are some ways to prepare you might not have considered:

      1. Dive into your desktop

The A+ assesses your knowledge of personal computer components like: motherboards, processors, memory, storage devices, power supplies, laptops and portable devices.

This focus on computer hardware gives you the perfect opportunity get your hands dirty. Revision doesn’t have to just involve stooping over a study book – exploring real hardware can be a valuable, effective and enjoyable method of studying for this section of the A+.

Chances are you probably own a desktop computer, or at least have one somewhere in your house. If not, ask around for an old computer (it doesn’t have to work, it just has to be fairly intact). Get yourself a screwdriver and start dismantling the machine – don’t go overboard though, if you don’t know how to reassemble the hardware - but still need to use the PC- don’t take it apart to begin with.
Here’s a quick guide on how to disassemble your PC.

If you can find an old dilapidated desktop computer or printer, dismantle it as much as you can. The more familiar you are with the inner-workings of computers, laptops and printers – the better prepared for the exam you’ll be.

Even if you can’t dismantle the whole computer, you’ll still be able to identify the components you know and research the ones you can’t recognise. It’s a fun diversion to typical revision and will definitely translate into a better exam score.

      2. Make friends with Professor Messer

Check out Professor Messer’s CompTIA A+ guide on YouTube, you won’t be disappointed. These quality, in-depth videos are an absolutely brilliant study resource.

Oh, and they’re all totally free. You won’t need to register either – everything is uploaded full-length on YouTube. You won’t have to give over any of your time or money.

Each video segment is around 20 minutes, enough time for a very in-depth lecture. Grab your notepad and a cup of coffee and settle in. It may take several viewings to really embed the stuff in your brain but once again, it’s a great, more passive alternative to poring over a textbook all day.

      3. Don’t trip up on the legacy questions

You’ll undoubtedly find some topics in the A+ exam harder than others. That being said, the legacy/older information is sometimes neglected and definitely could trip up students who aren’t prepared for it.

The CompTIA A+ does still cover outdated hardware. You could get a question on floppy disks (yes, really). It’s unbelievable but it could happen, don’t just gloss over these sections when revising – you never know which parts of the curriculum will show up in the exams.

      4. Know the question style

You can expect 3 distinct question types on the two exams:

Multiple choice with single answer – you will be required to select a single answer from a range of options (generally 4-5) by clicking a radio button.

Multiple choice with multiple answers – you’ll have to select a range of options from a given set to get the mark.

Fill in the blank - select the missing text to complete the sentence (essentially a multiple choice question in a different format).

      5. Check out Firebrand Learn

We’ve uploaded our entire A+ courseware on Firebrand Learn. It’s all totally free and you don’t even have to register to access it. If you’re looking for a comprehensive catalogue of everything you need to learn, this is your best bet.

Plus, as this courseware makes up part of Firebrand Training’s A+ syllabus – get trained with Firebrand  and you’ll be more than prepared to score an A+ on the A+ (sorry). 

About the Author:       
Alex writes for Firebrand Training on IT and certification related topics. He also serves as the in-house designer at Firebrand's Regent Street office.  

Thursday, 21 August 2014

The tech that gets you (A-level) results


Thursday 14th August marked the day students across the country received their A-level results. But it wasn’t just stressful for the students - take a moment to appreciate the titanic task of UCAS’ IT team working behind the scenes.

The Universities and Colleges Admissions Service (known to us as UCAS) is responsible for managing all university and college applications. It processes over 650,000 applications a year with the service peaking massively in mid-August.

And this time last week, UCAS sprang into action for what was undoubtedly one formidable working day.

Comprised of about 20 people, UCAS’ Joint Operations Centre (JOC) features the organisation’s IT director, systems operations staff, architects and workers from suppliers such as Amazon, Microsoft and Oracle.

The JOC works with operational intelligence provided by machine data indexer, Splunk. Following a migration to the cloud, UCAS has been using Splunk to monitor its IT infrastructure (the migration actually won a Computer Weekly User Award).

Before the introduction of this cutting-edge tech, UCAS was faced with the monumental challenge of searching and visualising a massive volume of machine-generated data. Now, with the introduction of Splunk, UCAS can troubleshoot, manage performance and use analytics to support the IT team.

'Artists' intepretation
Image courtesy of Grafixar/morgueFile

Ensuring an uninhibited service is paramount. No more so than during Thursday’s ultra-peak time, where thousands of students will be simultaneously accessing information through UCAS’ Track portal.

Splunk Enterprise is deployed across 40 servers and about 70 log sources, which are in turn deployed through Amazon Web Services. By indexing, searching, alerting and reporting on data from across UCAS’ entire infrastructure, Splunk provides the JOC with a series of visualisations of their performance, key operational metrics and the queries they are running.

Keeping the system operational is a considerable challenge – last year saw the Track system, hosted on the Microsoft Azure cloud service, dealing with more than 180 logins per second.

The operation is based in Cheltenham, where 10 gigantic screens monitor the entire system. Two of these screens are devoted to Splunk which in turn has 10 dashboards created through queries in the software. Some dashboards are devoted to tracking the response time on an applicant enquiry whilst others display response time over a 24-hour period.

Like the phoenix, ‘UCAS lives and dies on one day a year,’ states Peter Raymond, Enterprise IT Architect at UCAS.

Chances are, it’s wasn’t just students experiencing sleepless nights last week.  

About the Author:       
Alex writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself.  

Here's why every organisation needs an ethical hacker


Protecting sensitive information should be every business’ number one priority, especially when high-profile data breaches are becoming increasingly common. But what can organisations do when cyber-attacks become more and more sophisticated and hackers are able to steal 1.2 billion username and password combinations? Well, as the well-known adage says “the best defence is a good offence”, so it’s time to recruit your in-house (ethical) hacker, if you want to keep your data safe.

Ethical Hacking from a company’s perspective

Every organisation is different; with different goals and objectives, different ways of operating, different websites, and of course different potential vulnerabilities.

By definition “an ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit.” The process of performing such attacks is called penetration testing and it allows companies to remediate critical vulnerabilities.

Tests like this are quite costly, normally starting from around £2,000 for a small company and increasing in proportion with the size of the organisation. These expenses are often hard to justify, especially for those who do not understand the magnitude of potential damages caused by a security breach.

Do you know the average cost of an attack? According to IDG Research a single hack can cost your small or medium sized business up to £600,000 before mitigation even begins. Not to mention the damage to brand reputation.
Photo courtesy of chanpipat/

Hire a hacker to protect you

It’s better to be safe than sorry, now is the time to get an ethical hacker on board. But bear in mind that penetration testing is sensitive work and you need to be confident about who you are dealing with.

A Certified Ethical Hacker (CEH) is an expert in the fields of penetration testing, as well as everyday network and application security. They will be able to perform session hijacks, SQL injections, mobile platform hacks and other critical tasks to discover your network’s weak spots, including physical security, such as access to server rooms.

Tools, trick and techniques for future ethical hackers

Do you think your organisation could benefit from having an ethical hacker on board? Then why hire someone external, develop your own ethical hackers instead. The CEH course will teach your employee(s) the most up-to-date techniques to hack into the latest operating systems, such as Windows 8.1. They will learn practical skills, enabling them to thoroughly test your systems and ensure that vulnerabilities are patched.

Retrieving malware directly from hosting locations, tracking devices through Wi-Fi or Bluetooth or improving penetration test effectiveness – these are all possible with the help of some of these new tools, introduced at Black Hat USA 2014.

Are you interested in more of the latest methods and ways to protect against hackers? Don’t miss out on the European edition of Black Hat 2014, this October in Amsterdam.

Will you wait until it’s too late?

According to Katy Reynolds, a security consultant for Context Information Security, “there is a tendency for companies to bury their heads in the sand as no one wants to believe they are vulnerable to hackers or identify that money must be spent to fix potential problems,” which often brings devastating results.

What will your company do?

About the Author:       
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry.