BROWSE

WHERE TO WATCH

MORE

CONTACT

Log InorSign Up

Using Bug Bounties to Squash Cyberattacks

December 19, 2017

Updated 6mo ago

Sometimes the best way to fight fire is with fire. That's the idea between bug bounty programs using hackers to identify vulnerabilities in the cybersecurity systems of organizations. David Baker, Chief Security Officer at Bugcrowd, a bug bounty management company, explains how his company is exterminating cybersecurity threats.

Baker says the key to cybersecurity is transparency and adds that bug bounties are a way of fostering a relationship between hackers and companies. Uber's massive hack that impacted over 57 million people wasn't due to the absence of a bug bounty program because the ride-hailing company has a robust system in place, according to Baker. He says that from an ethical perspective, Uber's handling of the hack was bad and "they broke the law."

Bugcrowd is working to boost transparency in the cybersecurity space. To do so, it is launching a new tool, called Traffic Control, to give companies more insight and control of their bug bounty programs. The tool allows organizations to uncover additional return on investment from crowdsourced security testing with enhanced visibility into researcher activity, says Bugcrowd.

Newark Alliance CEO Hopes New York's Amazon Loss is New Jersey's Gain

Related

Uber's Big Hack, and Getting Ready for Tax Reform

Another black eye for Uber, as the company discloses it paid hackers $100,000 to keep quiet about a data breach that affected 57 million riders. The company fired its chief security officer and his deputy as a result. Plus, Congress is getting ready to vote on a tax reform bill after the Thanksgiving holiday. But with many tax deductions likely to go away if the legislation passes, there are some tips you might want to consider to get ahead of the changes.

If "NotPetya," Then Who? Finding the Motive Behind the Global Cyberattack

Vice's Motherboard tried to confirm the identities of the hackers behind the "NotPetya" ransomware attack, asking them to prove themselves by cracking an encrypted file, and learned a little bit about their possible motives. We also dig into the mess of the hack and whether a foreign government is to blame.

Protecting the Crown Jewels of Your Company

John Ackerly, CEO of data protection company Virtru, joins Cheddar to talk about the state of cybersecurity in America. He says that if you're a company now asking what you can do to protect the "crown jewels" and the customer, then it's already too late for you. He says the right question is, "How can I identify what is important and move the walls around the data itself, not the system as a whole?" The most recent breach that has shocked Americans involves Uber. The company paid a $100,000 ransom to hackers to delete data stolen from 57 million customers. This hack happened in 2016 but was just disclosed before Thanksgiving. Ackerly says it's not so much about the breach itself, it's about the coverup. So how do you respond efficiently to a company when you discover a hack? Trust is a major factor in customer retention, and he believes Uber leadership has a lot of work to do in order to clean up this mess. He believes former CEO Travis Kalanick started Uber in order to make people's lives easier, but that vision got lost. It was no longer about the consumer, it was about covering his tracks. Virtru takes powerful data protection standards and integrates them with everyday applications, such as Gmail and Microsoft Outlook, in order to try to protect sensitive information.