Sir – There’s been much news of late about Daniel Cuthbert – the infamous Tsunami fund-raising web site hacker – managing to land a new job with security company Corsair.

As a former computer forensics detective at New Scotland Yard, I’m often asked for my views on whether or not companies should hire ex-hackers so that they can carry out ethical hacking exercises themselves. Hacking is very much a criminal offence. One that is considered serious enough to carry a maximum jail term of five years. To my mind, private sector organisations should not employ a self-confessed criminal in a role associated with that crime. Would you employ a former conman in a bank, or a convicted paedophile in a children’s home?

Security is as much about integrity and ethics as it is about technology. For that reason alone, companies should never, repeat never be looking to hire ex-hackers. They have been warned.

Simon Janes, International Operations Director Ibas

Source

SMT