In a world where online attackers laugh in the face of legislation and jurisdiction, the best way to protect yourself might be to hire someone to identify your problems first. But why hire a single hacker when you can hire a team of them?
We frequently hear of organisation that have been hacked or their security homework done for them. Soon after, when the perpetrator or good-guy hacker (who is often a professional themselves) is "caught," onlookers shake their head and wonder why no one hired them to put their skills to good use. There are challenges to doing so, such as questioning the ethics of these hackers, defining the scope of systems they are allowed to test, and ensuring they don't simply run off and sell their exploits on underground markets.

The link for this article located at ZDNet Blogs is no longer available.