The exponential rise in security incidents has caused many businesses to look hard at getting their own houses in order. As part of those efforts, businesses are turning to security consultants to perform audits, penetration testing and other assessments of their systems. But these engagements should be entered into with all the care that a business would use in any other transaction in which a third party is granted access to the companys most sensitive systems and data. In some instances, security consultants create more risk than they resolve.”]