Interview: Inside the World of Ethical Hackers

“Being an ethical hacker isn’t just a job. It’s a mindset and a responsibility in an increasingly digital world.” Marek Paták recently joined a podcast interview to share what ethical hacking really looks like in practice. 

Here is a shortened version of the interview:

Q:
What does it actually mean to take care of hackers?

A:
It’s actually not that far from what people imagine 😊 Sometimes I joke that I’m like a shepherd and the hackers are my “sheep.” In reality, it means making sure they have the right working conditions, interesting projects, and that their work makes sense. At the same time, I focus on their overall satisfaction—whether it’s the environment, benefits, or company culture. When they’re happy, they can deliver top-quality work for our clients.

Q:
Is it an advantage that you’re not a hacker yourself?

A:
Yes, I see it as an advantage. This role is more about management and working with people than hands-on hacking. I don’t think the best manager of hackers has to be the best hacker. I originally studied translation and interpreting, and I moved into IT through project management. This field found me naturally, and today I manage a team of ethical hackers. Having that broader perspective is actually very valuable.

Q:
Can someone switch from a “black hat” to a “white hat”?

A:
In theory, yes—but in reality, it doesn’t happen often. Most people decide early on which path they want to follow—whether to use their skills for good or bad. Companies are also very careful about who they work with. If someone has a questionable past, trust is hard to rebuild.

Q:
How did you get into this field?

A:
I started as a project manager and was looking for a change. The company I work for today reached out to me, and when I came in for what was more of a friendly conversation than an interview, I immediately felt that this was the right place for me. The people, the culture, and the topic itself really resonated with me.

Q:
What do hackers need to do their job?

A:
The basics are strong internet and multiple monitors, where they can run various tools and programs. But beyond that, it’s also about everyday things—good coffee, a comfortable environment. Sometimes there are funny requests, like having a hot tub 😊 but ultimately, it’s about creating conditions where they can fully focus and perform at their best.

Q:
Do we have enough ethical hackers?

A:
Definitely not. Demand is growing, and there’s still a shortage of skilled professionals. Our doors are open all year round. If someone is motivated and wants to improve, we’re happy to welcome them. Cybersecurity is becoming more and more important, and that trend will only continue.

Q:
What should a junior know?

A:
First of all, they need to be genuinely interested. This isn’t just a job you clock in and out of—it’s more of a lifestyle. A good hacker is curious, constantly thinking about how things work and how they can be broken or improved. They follow new technologies, practice in labs, earn certifications, and keep learning all the time.

Q:
Is hacking a male-dominated field?

A:
For now, yes—but it doesn’t have to be. We have women on the team, and they’re excellent. They often bring a different perspective and can spot vulnerabilities others might miss. We’re open to everyone, regardless of gender or background.

Q:
Is it a dangerous job?

A:
Not in the traditional sense. It’s more about responsibility. When you’re testing a system, you need to be thorough and make sure nothing critical is overlooked. It’s about precision and quality.

Q:
How do you verify people?

A:
We run background checks. We verify education, experience, and overall credibility. It’s essential because these people work with sensitive systems. At the same time, we also try to understand who they are as individuals and whether they fit into the team.

Q:
Can you judge someone at first sight?

A:
To some extent, yes. Communication, behavior, and overall impression can tell you a lot. Of course, it’s not 100%, but experience helps you develop a certain intuition.

Q:
What does a hacker actually do?

A:
It’s a very broad field—web and mobile applications, infrastructure, cloud, social engineering. No one can master everything, so we work in teams where each person specializes in something different. That diversity is what makes the results strong.

Q:
How do security tests work?

A:
Often in secrecy. Sometimes only a few people on the client’s side know about them. We test not just systems, but also human behavior. And that’s where interesting situations happen—people sometimes let us into places they shouldn’t, simply because they want to be helpful.

Q:
How should employees react?

A:
They should always verify. If a stranger shows up, check who they are, why they’re there, and whether they’re authorized. Don’t automatically trust someone just because they seem nice. Security is largely about common sense.

Q:
Is a strong password enough?

A:
Not anymore. Even a very strong password isn’t 100% secure. Two-factor authentication (2FA) is essential. Even if someone gets your password, they won’t get access without the second factor.

Q:
How do you protect yourself?

A:
I’m careful about which apps I use, where I enter my credentials, and how I make payments online. It’s about habits and awareness.

Q:
Is it mentally demanding?

A:
Yes, because you have to keep learning constantly. Technologies evolve, new threats emerge, and you need to stay up to date. There’s no point where you can say, “I know everything.” It’s a continuous process.

Q:
Is hacking “cool”?

A:
Yes, It sounds interesting, and people are curious about it. But more importantly, it has purpose. You’re helping make the world more secure.

Q:
What’s the bigger purpose?

A:
It’s similar to other essential professions—maybe not always visible, but very important. Ethical hackers help prevent problems and protect the digital world.

Q:
Are hackers under pressure?

A:
Yes, but it’s part of their mindset. They want to stay ahead, follow new threats, and constantly improve. It’s natural for them.

Q:
What are the biggest threats today?

A:
Definitely phishing and social engineering. Anyone can become a target. People need to be careful about what they click, what they share, and how they behave online. Many think it won’t happen to them—but in reality, anyone can be targeted.