Keeping Hackers out of the Workplace

by Dice Staff Aug 31, 2009 2 min read

Could the guy in the next cubical be a criminal hacker? Managers may observe his on-the-job behavior to find out. in a recent Network World article, M.E. Kabay outlines the personality traits of these ne'er do wells: They're narcissistic, display a sense of entitlement, and often crave power and recognition from their peers.

Hacker Kabay thinks IT professionals be subjected to rigorous pre-hire screening processes, especially if they have a history of hacking, to keep employers from hiring the wrong type of programmers, network administrators and security personnel.

I recommend the following precautionary measures be added to the usual hiring scrutiny when a candidate has revealed a questionable (criminal or borderline) hacking past (or present) or been discovered through a background check to have been or be involved in such hacking:

Challenge the candidate openly and directly during an early interview about their actions; watch and listen carefully to evaluate the degree of honesty and insight with which the candidate discusses his or her past behavior.

Ask the candidate to analyze a specific instance (which you select for discussion) of their past behavior from an ethical perspective; evaluate their depth of understanding of the ethical issues and of the ethical-reasoning process.

Pose a hypothetical case involving a technically gifted employee who is badly treated by a supervisor and comes to feel abused. Ask the candidate to describe how such an employee might feel and what actions the employee might use to act on his resentments. Evaluate whether the candidate sympathizes with or approves of retaliatory behavior (you are looking for a sense of entitlement).

Describe a case of criminal hacking in which someone's personally identifiable information is stolen and used for identity theft. Ask the candidate to describe how the victim might feel. Look for signs of empathy (or its absence).

In conclusion, Kabay offers this recommendation: "So before you hire a hacker, verify, then trust, then verify."

Will Kabay's suggestions keep hackers out of the workplace? Share your thoughts by posting a comment below.

-- Leslie Stevens-Huffman

Kabay thinks IT professionals be subjected to rigorous pre-hire screening processes, especially if they have a history of hacking, to keep employers from hiring the wrong type of programmers, network administrators and security personnel.

I recommend the following precautionary measures be added to the usual hiring scrutiny when a candidate has revealed a questionable (criminal or borderline) hacking past (or present) or been discovered through a background check to have been or be involved in such hacking:

Challenge the candidate openly and directly during an early interview about their actions; watch and listen carefully to evaluate the degree of honesty and insight with which the candidate discusses his or her past behavior.

Ask the candidate to analyze a specific instance (which you select for discussion) of their past behavior from an ethical perspective; evaluate their depth of understanding of the ethical issues and of the ethical-reasoning process.

Pose a hypothetical case involving a technically gifted employee who is badly treated by a supervisor and comes to feel abused. Ask the candidate to describe how such an employee might feel and what actions the employee might use to act on his resentments. Evaluate whether the candidate sympathizes with or approves of retaliatory behavior (you are looking for a sense of entitlement).

Describe a case of criminal hacking in which someone's personally identifiable information is stolen and used for identity theft. Ask the candidate to describe how the victim might feel. Look for signs of empathy (or its absence).

In conclusion, Kabay offers this recommendation: "So before you hire a hacker, verify, then trust, then verify."

Will Kabay's suggestions keep hackers out of the workplace? Share your thoughts by posting a comment below.

-- Leslie Stevens-Huffman