Ethical hacking is not just for fun or show. For numerous business reasons, ethical hacking is the only effective way to find the security vulnerabilities that matter in your organization.
If you're going to keep up with external attackers and malicious insiders, you have to stay current on the latest attack methods and tools.
With all the government laws and industry regulations in place, your business likely doesn't have a choice in the security matter. The problem is that being "compliant" with these laws and regulations doesn't automatically mean you're "secure." You have to take the checklist audit blinders off and dig in deeper using ethical hacking tools and techniques in order to find out what really matters.
No doubt, someone in your organization understands higher-level security audits better than this ethical hacking stuff. However, if you can sell that person on ethical hacking and integrate it into existing security initiatives, the auditing process can go much deeper and improve your outcomes. Everyone wins.
Many businesses now require in-depth security assessments of their business partners. The same goes for certain clients. The bigger companies ...