How to Approach Customers with Security Issues?

stuntshell asks: "We're a group of IT Professionals and we're starting our own consulting firm. We're most systems administrators, and not business admin, nor lawyers, and we're all have worked on big companies and most of the time the job to be performed was just passed on to us. The scope of the work we're about to perform will be security related, so how do you approach a customer in this kind of business? Do you wait for them to come and ask you to test their firewall? Or do you go scanning and discovering holes on other's network for you to offer them your solution? Do write a letter/email or do you propose a meeting? What works?"

English as a second language courses

[Professor_UNIX]

I would suggest brushing up on your English if you plan on conducting business in English speaking countries. I would also highly recommend against attacking a company's network pre-emptively without their express written approval and a solidly established rules of engagement. Anything less is likely to land your ass in jail very quickly. An attacker coming to me offering "consulting services" is akin to a mobster offering his protection to local businesses for a weekly fee. You may very seriously want to consider partnering with someone with some experience establishing, managing, and growing a small business, even if it's not previously computer related experience. The business experience will probably prove invaluable to you and save you a lot of headaches down the road.