If you can get pushback on using the services of an ethical hacker, describe that the point of using the services of a single is not to check the competencies of your IT department. Instead, It really is a further, non permanent measure to develop a protected infrastructure which can face up to what ever cyber threats destructive hackers could poss