Here’s why: Hackers are sophisticated. They constantly devise new ways to steal your valuable, confidential and proprietary information or destroy your business.

Even if their intent is not to steal your data, they can infiltrate your computer systems for illegal purposes such as storing stolen financial data. They may even launch attacks against other organizations—and use your systems to do so (your lawyers may tell you that you are liable).

Therefore, IT professionals must—continuously—update their knowledge and skills in order to stay abreast of, and combat, the latest attack techniques.

Be sure IT Pros who advise you about IT security have earned the CISSP Certified Information Systems Security Professional (www.isc2.org/cissp).

If you ever have an IT audit, insist that the auditor possess a current CISA Certified Information Systems Auditor credential (www.isaca.org/cisa).

If your organization processes, stores, or transmits credit card or debit card data, then the PCI DSS Payment Card Industry Data Security Standard applies to your organization. Be sure you require anyone who assists you with PCI to have their PCI QSA Qualified Security Assessor qualification (www.pcisecuritystandards.org).

Insist that IT Pros who help you in any of these areas be certified: IT Security (CISSP), IT Audits (CISA), and PCI compliance (PCI QSA).