As a former computer forensics detective at New Scotland Yard, I’m often asked for my views on whether or not companies should hire ex-hackers so that they can carry out ethical hacking exercises themselves. Hacking is very much a criminal offence. One that is considered serious enough to carry a maximum jail term of five years. To my mind, private sector organisations should not employ a self-confessed criminal in a role associated with that crime. Would you employ a former conman in a bank, or a convicted paedophile in a children’s home?
Security is as much about integrity and ethics as it is about technology. For that reason alone, companies should never, repeat never be looking to hire ex-hackers. They have been warned.
Simon Janes, International Operations Director Ibas
