7 Essential Questions to Ask When Hiring an IT Security Consultant

by Daniel Humphries
Managing Editor, Software Advice
March 06, 2014
Original link at http://blog.softwareadvice.com/articles/security/questions-to-ask-when-hiring-security-consultants-0314/

Questions to Ask Before Hiring an IT Consultant

Having an in-house security team may be too expensive for most companies, but that doesn’t mean that securing your business should be any less of a priority. I recently joined a trio of security experts who spoke with Software Advice’s IT Security analyst Daniel Humphries to help him identify the most important questions to ask before considering an IT security consultant. Here are some of the questions I suggested to help you select the right person for the job:

1. Will you train my employees in the new security measures?

End users can be a company’s biggest worry, as they are the “low-hanging fruit” that hackers will target.

2. What related experience do you have?

I advised to ask the consultant for specific “war stories” that qualify them for the job. This way you know exactly what the consultant has done in the past, as opposed to what they could hypothetically do for you.

Also ask the consultant to make analogies for you, so that you can better understand his technical lingo.

3. Who should I expect to come in and do the hands-on work?

Knowing who is going to end up performing the security work is important. I suggested that you Google the consultant’s name as a way to verify that there are no obvious red flags that you need to worry about.

4. Should certifications matter to you?

This is a topic that will bring many passionate opinions out of consultants, and the answer is up to the individual. My advice is that while over-reliance on certifications is unwise, ultimately certifications are not a bad thing to have, and in fact may be valuable tests of knowledge- particularly at the advanced level. Other experts think that practical experience is the only thing that should sway your decision to hire someone or not.

“You can read more of my interview with Software Advice about hiring an IT security consultant here.”

• About
• Latest Posts

Terry Cutler

Founder and Chief Technology Officer at Digital Locksmiths, Inc.

Terry Cutler is the founder of Digital Locksmiths, Inc. - an IT security and data defense firm based in Montreal - and serves as the company's Chief Technology Officer. Terry is a Certified Ethical Hacker who has learned the mindset of hackers and trained in the techniques of "the bad guys" who seek to do harm to corporations and individuals alike.He is responsible for staying on top of the latest trends in cybersecurity and being an advocate for best practices in the identification and eradication of vulnerabilities that leave the customers of Digital Locksmiths susceptible to the most dangerous threats.Another one of Terry's roles is to be a thought leader for Digital Locksmiths by sharing his expert insights about effective digital security strategies and countermeasures through his writings, speaking engagements, and media interviews.

Connect with Terry on Google +

Latest posts by Terry Cutler (see all)

• Monitor, not surveillance, more important role of adults in kids’ online lives, says study. - January 24, 2015
• Terrasse-Vaudreuil’s website one of many hacked - January 24, 2015
• Crossing the “online” into cyber bullying - December 31, 2014