If the answer is yes to any of these questions, you might well want to give an ex-hacker the opportunity to get to know your IT network. I think it shows quite a bit of front to advertise yourself as an ex-hacker, using phrases such as "when I was hacking" and "before I was caught." But the point is that when you take on someone like that, you are taking on risk.
In our profession we have a duty of care to employ people who will do the right thing. In our company, we make sure staff are properly vetted and security cleared for good measure. Penetration testers tend to be intelligent people with an intricate knowledge of IT systems, and during a security assessment a degree of trust is imparted to them. In reality, this trust could easily be abused.
These days, the profession is mature enough that there are plenty of well-qualified, talented pentesters with sound ethics. Indeed, there are now excellent training courses available in the subject, some accredited by universities.
One well-known former hacker who spent time in prison was asked why he did it. He said that back in the days when computers were expensive to get hold of, people like him used to find out about network security by examining the live systems of companies, but with the current comparative affordability of computers, it is possible to set up a testing lab on a shoestring budget. Hopefully, he is going to go straight now, but will we ever really know?
I'd never allow an ex-hacker to work for our company on principle alone. Nor should you.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
