7 Essential Questions to Ask When Hiring an IT Security Consultant

By March 6, 2014Articles, Media

Daniel Humphries Managing Editor at at Software Adviceby Daniel Humphries
Managing Editor, Software Advice
March 06, 2014
Original link at http://blog.softwareadvice.com/articles/security/questions-to-ask-when-hiring-security-consultants-0314/

Questions to Ask Before Hiring an IT Consultant

 

Having an in-house security team may be too expensive for most companies, but that doesn’t mean that securing your business should be any less of a priority. I recently joined a trio of security experts who spoke with Software Advice’s IT Security analyst Daniel Humphries to help him identify the most important questions to ask before considering an IT security consultant. Here are some of the questions I suggested to help you select the right person for the job:

1. Will you train my employees in the new security measures?

End users can be a company’s biggest worry, as they are the “low-hanging fruit” that hackers will target.

2. What related experience do you have?

I advised to ask the consultant for specific “war stories” that qualify them for the job. This way you know exactly what the consultant has done in the past, as opposed to what they could hypothetically do for you.

Also ask the consultant to make analogies for you, so that you can better understand his technical lingo.

3. Who should I expect to come in and do the hands-on work?

Knowing who is going to end up performing the security work is important. I suggested that you Google the consultant’s name as a way to verify that there are no obvious red flags that you need to worry about.

4. Should certifications matter to you?

This is a topic that will bring many passionate opinions out of consultants, and the answer is up to the individual. My advice is that while over-reliance on certifications is unwise, ultimately certifications are not a bad thing to have, and in fact may be valuable tests of knowledge- particularly at the advanced level. Other experts think that practical experience is the only thing that should sway your decision to hire someone or not.

“You can read more of my interview with Software Advice about hiring an IT security consultant here.

tcutler
Lets Connect

tcutler

VP of Cybersecurity at SIRCO
I’m Terry Cutler, the creator of Insider Secrets from an Ethical Hacker on Internet Safety …That’s a system that’s been used to help defend corporations and individuals from cyber threats.
 
I’m a government cleared cybersecurity expert (a Certified Ethical Hacker), and the Vice-President of Cyber at SIRCO, an investigations and protections firm in Montréal, Canada.
 
I’m also a frequent contributor to National & Global media reportage about cyber-crime, spying, security failures, internet scams, and the real social network dangers that families and individuals face every day.
tcutler
Lets Connect

Author tcutler

I’m Terry Cutler, the creator of Insider Secrets from an Ethical Hacker on Internet Safety …That’s a system that’s been used to help defend corporations and individuals from cyber threats.   I’m a government cleared cybersecurity expert (a Certified Ethical Hacker), and the Vice-President of Cyber at SIRCO, an investigations and protections firm in Montréal, Canada.   I’m also a frequent contributor to National & Global media reportage about cyber-crime, spying, security failures, internet scams, and the real social network dangers that families and individuals face every day.

More posts by tcutler