We hope you’ve enjoyed reading our internal spotlight series on Delta Dental’s Information Security. (In case you missed any content, check out our article on employee training and compliance and our article with insights from our Director of Information Security.)
Did you ever think you’d be thankful to read the term “hacker”? If not, we may have a new perspective for you. Meet Chad Greiner, Security Engineer III and Certified Ethical Hacker (CEH) in training, and see how he’s going the extra mile to protect your clients’ privacy.
Q: How long have you been with Delta Dental, and what other jobs have you held in your field?
A: I’ve been here for about six years. Before joining this team, I worked for a medical alert device company. I served as the main administrator for their entire IT operation.
Q: You’re training to become a CEH. Are there any other certifications you have or plan to earn?
A: Yes, I’m a Certified Information Systems Security Professional (CISSP). The CISSP seems sort of like a generalized job title, but it’s actually a comprehensive certification. To sit for the exam, you have to have about five years’ worth of work experience, be recommended by a fellow CISSP in good standing and re-certify every three years. The CEH is kind of an extension of the CISSP, except it focuses on strategies to help you think like a criminal — so you’re better armed to prevent a cyberattack.
Q: With that said, do you think the CEH is a controversial certification?
A: We don’t view it as controversial within the security industry. My perspective is that any type of attack is a crime, so in any criminal field, you need to understand the people you’re trying to catch or obstruct to be effective at your job.
Q: That makes sense. How would you respond to criticism that the title “ethical hacker” is an oxymoron?
A: In my mind, intent is what makes an action ethical or unethical. I’m not necessarily learning how to break things; instead, I’m learning how things can be broken to prevent breaches in security from occurring.
Q: What do you think is the most important aspect of your CEH training?
A: Learning about what tools are out there has been extremely important. Early on in my career, there weren’t as many “hacking” opportunities readily available to experienced cybercriminals, let alone the average person. The way technology is evolving has made it easier to access private information — so it’s that much more important to learn every defense against cyberattacks that we can.
Q: Why do you think being a CEH is particularly valuable to an analyst within an organization like Delta Dental?
A: Knowing what to protect against — knowing what avenues people can take in an attack — is critical. It’s really the first and most important step in securing private information. Clients can have confidence in knowing that, with a CEH, we’re able to get into a criminal’s mindset and get a step ahead of them.
Thanks for reading our series on Information Security! Stay tuned for more client news and insights from Delta Dental.