Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

Should you trust a criminal with your cyber security?

Written by  Guest Contributor - Miles Blackham Cyber Security Expert Aug 30, 2019

The UK cyber security services market is one of the most advanced in the world.

It has benefited from the investment in training and high standards of education to produce a significant numbers of cyber security professionals, well-structured career pathways have been created to promote professional practices, underpinned by codes of conduct and ethics that are both meaningful and enforceable.

This maturity in the market has put the emphasis on the recruitment of trained, educated individuals who understand career structures and ethics, rather than a “hire the hacker” approach.

The practice of using ex-offenders is carried out with great care in other industries and the cyber security industry should be very careful, but also have an open minded approach. As an industry we need to take steps to ensure they are supported so that they do not reoffend. The codes of conduct and ethics are an important aspect in ensuring that this is carried out in a structured environment.

ransomwareAlso see: Ransomware attacks on UK businesses rise dramatically

There is also a significant number of individuals who have come to the attention of law enforcement, but have not been charged or prosecuted. The industry must be very careful how it deals with these individuals. It would be inappropriate to exclude them from career opportunities, and again the meaningful and enforceable code of conduct and ethics are essential to manage these individuals.

Some of the people who have come to the attention of law enforcement, but have not been formally cautioned or charged, are young. Again, the UK is leading the world in this area. Working with the National Crime Agency (NCA) and the Metropolitan Police, not-for-profit accreditation and certification body Crest is developing practices to provide a  secure environment for these individuals who are often young and can be tempted to take the wrong path and end up committing serious cyber crimes.

The industry has a moral responsibility to help support these initiatives, and encourage future development in a positive way.

The use of former cyber criminals is regularly used when companies employ individuals to test out their cyber defences. Former cyber criminals are well versed in the activity of penetrating systems and have hands-on experience of bypassing security controls.

The risks of using someone who is operating outside the law and outside ethical bounds are obvious. In the past breaking into systems and bragging about the crimes they have committed and ending up with a criminal record is not the way forward.

Often times their previous activities were mistakes and many cyber criminals have learnt from this and want to offer a professional approach to their work and move on from the past.


Popular Cyber News

Jun 12, 2020 Cyber Security

NHS email service fooled users in phishing attack

NHS Digital is contacting users of its NHSmail email system after a small number of mailboxes were compromised in a gene...

Jun 09, 2020 Cyber Threats

Common types of cyber-attacks and how to avoid them

With cyber-attacks on the rise, businesses are constantly worried about losing vital data and the threat is very real. ...

May 25, 2020 Cyber Security

Beware of security threats before deploying remote working

Remote working is receiving a great deal of attention recently for obvious reasons. The world has changed and remote wor...

Jul 23, 2020 Cyber Security

Many cyber attacks on UK sports industry says report

At large percentage of sporting institutions, organisations and teams in the UK have suffered a security incident in the...

May 07, 2020 Cyber Security

Three quarters of UK homeworkers haven't received cybersecurity training

As Covid-19-related cybersecurity threats continue to multiply, three in four of home workers are yet to receive any cyb...

May 05, 2020 Cyber Security

The importance of cybersecurity for UK businesses

Technology is constantly changing and at a pace which is hard to keep up with, but 'safety first' always applies. ...

May 18, 2020 Cyber Security

UK power grid operator Elexon hit by cyberattack

The UK’s power grid middleman Elexon has announced it has fallen victim to a cyberattack, which did not compromise pow...

May 27, 2020 Cyber Security

UK scared cybercriminals will use NHSX Covid-19 Tracing App to launch attacks

Nearly half (48%) of the UK public surveyed about the NHSX COVID-19 tracing app do not trust the UK government to keep t...

Apr 16, 2020 Cyber Security

Cybersecurity lessons to be learnt from the Pandemic

It may not be obvious, but the spread of information on computer networks is like disease processes. ...

Jun 08, 2020 Cyber Security

Ransomware attack compensation: What the UK public think

UK consumers believes businesses should stand their ground having suffered a ransomware attack and refuse to negotiate w...

Jun 06, 2020 Cyber Security

Phishing attacks on companies using PBX systems increases dramatically

While video conferencing solutions have become the prime targets for hackers recently following the shift to remote work...

Jun 12, 2020 Cyber Security

Cybersecurity in the shortsighted gig economy

The ‘gig’ economy encompasses the increasing economic trend for professionals to take on a series of temporary work ...

Jun 11, 2020 Cyber Security

UK government to fund nine cyber security projects

The government is to invest £10m through March 2024 from various sources to fund nine academic cyber security projects ...

Apr 17, 2020 Cyber Security

SonicWall launches boundless cyber security platform

SonicWall has released a new boundless cyber security platform to protect companies and government agencies remote workf...

May 22, 2020 Cyber Security

EasyJet will be sued over customer data breach

Legal firm PGMBM, a specialist in group legal action, has issued a class action claim under Article 82 of the General Da...

Jul 21, 2020 Cyber Security

UK number two country for targeted cyberattacks

The UK is the second most frequent target of “serious” cyberattacks, according to a new report from cybersecurity fi...

Symantec Home 120x60