A university professor has warned companies against employing hackers because she feels they lack ethical integrity.
Louise Yngstroem, professor of security informatics at Stockholm University made the statement in a university report which claimed hackers moral values are in sharp contrast to those of corporation they enter.
"These people have yet to take a stand with regard to their own integrity, which is not necessarily in line with that of the company. Normally you want an employee to share the company's values," she said in the report.
Some companies take a very different view. In November, SC reported IT security firm Securepoint had hired the alleged author of the Netsky and Sasser worms.
"It's a question of can you let the reformed drunk run the alcohol recovery program," said Mike Davis, senior research analyst at Butler Group. "Are you ethically compromised by hiring an ex-hacker. Does it create a material risk?"
Davis hinted that there may be a regulatory risk in hiring a reformed hacker, something backed by his colleague senior research analyst Andrew Kellet.
"There are two sides. You've got to make the best endeavours to secure your company, but then you have to ask, is employing former hackers safe?" Kellet said. "I suspect the answer is a halfway house – use hackers on a consultancy basis only. Personally, I would be reluctant to hire former hackers, but it depends on the type of business and the individual involved."