QOTD - Schneier on Hiring Hackers

Hacking is primarily a mindset: a way of thinking about security. Its primary focus is in attacking systems, but it's invaluable to the defense of those systems as well. Because computer systems are so complex, defending them often requires people who can think like attackers.
Admittedly, there's a difference between thinking like an attacker and acting like a criminal, and between researching vulnerabilities in fielded systems and exploiting those vulnerabilities for personal gain.
[...]
An employer's goal should be to hire moral and ethical people with the skill set required to do the job.
-- Bruce Schneier, Chief Security Technology Officer of BT Global Services
Src: Weighing the risk of hiring hackers | TechTarget.com

No comments: