this thread brings up a really good point, and that is, do you think that nefarious persons/groups like black hat hackers can suddenly "see the light" and work for legitimate network security companies and have access to sensative data including Intellectual Property and be trusted? If I was a customer, the first thing I would ask a netsec company would be "do you employ persons who have been convicted of computer related crimes?" If the answer is yes, then you are seriously risking the welfare of your company by allowing that potential exposure. I know all hackers arent bad (most arent), but ethics play a huge role in this business, and one black mark against a consultant is enough to be shown the door.
JMHO
