Imagine discovering a hidden vulnerability in a system, only to realize it could expose someone’s entire identity. That’s exactly what happened to Fadzayi Moyo, a woman whose career has taken her from graphic design to the front lines of cybersecurity as an 'ethical hacker.' But here’s where it gets controversial: she doesn’t even like the term 'hacker.' Why? Because, as she puts it, she’s a 'legal thief,' paid to break into systems—with permission. And this is the part most people miss: her journey into this role began long before she even knew what cybersecurity was.
Born and raised in Zimbabwe, Moyo describes her career path as more of a jungle gym than a ladder. From Zimbabwe to South Africa, and finally to Perth, Australia, her trajectory has been anything but linear. Originally trained in graphic design, she never imagined she’d end up in cybersecurity. Yet, during her time in South Africa, she stumbled upon a bug that exposed sensitive personal data—names, addresses, car records—everything needed to steal an identity. At the time, she lacked the vocabulary to explain the severity of the issue, but she knew it was serious. 'I didn’t even have the words to say this isn’t secure,' she recalls.
Years later, after moving to Australia and training in cybersecurity, Moyo was offered a role as a penetration tester. It was then she realized that her accidental discovery in South Africa had been her first foray into ethical hacking. Today, she works as part of the Security, Testing and Assurance Team at Cyber CX, where her job is to legally breach systems to test their security.
But here’s the twist: while she’s hired to hack, she operates under strict guidelines. 'Hacking with authorization is penetration testing, and that’s legal,' she explains. 'Hacking without authorization? That’s just criminal activity.' Yet, even with permission, things don’t always go as planned. Sometimes, she stumbles into systems outside the scope of her test. When that happens, she immediately informs stakeholders—a step illegal hackers wouldn’t take.
And this is where the controversy deepens: Moyo argues that ethical hackers like her are often limited by time constraints, unlike illegal hackers who operate without boundaries. 'We’re time-boxed,' she says. 'They have all the time in the world.' This raises a thought-provoking question: Can ethical hacking ever truly replicate the persistence and creativity of illegal hacking?
Despite the misconceptions fueled by movies—dark rooms, green screens, and hoodies—Moyo’s reality is far more mundane. 'We’re in offices, not dark rooms,' she laughs. 'And you’ll find people like me doing it in heels and dresses.' Her point? Cybersecurity professionals are just as diverse as any other workforce, defying stereotypes at every turn.
So, here’s the question for you: Do terms like 'hacker' unfairly stigmatize professionals like Moyo? And can ethical hacking ever fully match the tactics of those operating outside the law? Let’s discuss in the comments!
