shutterstock-1035875818
Security

What you need to know before you launch a bug bounty program

It’s no secret the cybersecurity industry has a skills gap. Read any report that looks at hiring in the security field across the world and the only difference is the size of the shortage. According to last year’s Global Information Security Workforce Study (GISWS), the global shortfall is expected to be 1.8 million by 2022 – a 20% increase since 2015.  

One way to overcome this ongoing lack of cyber skills is to supplement your existing security staff with crowdfunding. A new wave of companies, including HackerOne, Bugcrowd, and Synack are offering communities of hackers ready to test your systems and report their findings in exchange for cash rewards.

But what does launching a bug bounty program involve, and what do you need to know beforehand?

 

Why companies are turning to bug bounties and crowdsourcing security

The idea of bug bounties – inviting hackers to probe a company’s systems and report any vulnerabilities in exchange for a reward – has been around for over 20 years. In 1995, Netscape launched the ‘Netscape Bugs Bounty’ program to let people find bugs in beta versions of Netscape Navigator 2.0. Rewards included up to $1000 cash, Netscape swag, and ‘bragging rights’.

To continue reading...


PREVIOUS ARTICLE

« The CMO Files: Chandar Pattabhiram, Coupa

NEXT ARTICLE

C-suite career advice: Kristen Hamilton, Koru Predictive Hiring »
author_image
Dan Swinhoe

Dan is a journalist at CSO Online. Previously he was Senior Staff Writer at IDG Connect.

  • twt
  • twt
  • twt
  • Mail

Recommended for You

International Women's Day: We've come a long way, but there's still an awfully long way to go

Charlotte Trueman takes a diverse look at today’s tech landscape.

Trump's trade war and the FANG bubble: Good news for Latin America?

Lewis Page gets down to business across global tech

20 Red-Hot, Pre-IPO companies to watch in 2019 B2B tech - Part 1

Martin Veitch's inside track on today’s tech trends

Poll

Do you think your smartphone is making you a workaholic?