When General Motors (GM) decided to start a bug bounty program—paying hackers to find computer bugs in the company’s information systems—they purposely tried to avoid other companies’ mistakes with such programs. Uber ended up paying hackers more than ten times the amount that they had originally allotted, partly to avoid hackers destroying customer data they had downloaded. Uber made changes to their bug bounty program after that, making it more clear what hackers should not do. Uber’s experience showed the potential problems that can occur when hackers try to profit from the problems they find.
GM didn’t want to face the challenges involved in overpaying, underpaying, or getting into arguments whether a payment was deserved for its bounty hackers. In fact, GM didn’t pay bounty hackers at all at first. During the first stage in the GM program, hackers who reported bugs were given a direct link to GM’s security team. “Having that reporting system in place sent the message to hackers that the company was serious about security,” said Jeff Massimilla, a GM cybersecurity executive. After two years of building relationships with hackers, GM started paying for bugs. Just two years later, the select group of hackers in the company’s bug bounty program had found 700 bugs.
GM’s bug bounty program is only one part of its three-prong approach to cybersecurity. What are the other prongs? Their staff includes twenty-five to thirty “white hat hackers” who sometimes are called ethical hackers. White hat hackers’ work focuses on ensuring that a company’s information systems aren’t subject to security breaches. GM also works with third-party companies that hire more white hat hackers. They have to use the bounty program and third-party companies in addition to full-time internal hackers, since there is a shortage of white hat hackers.
White hat hackers not only need technical skills, but they also need to be trusted to work for the benefit of the companies that employ them. People with hacking skills often would rather not work for just one company and like flexibility and working from home. GM’s three-prong approach also was designed to catch more bugs. “If you have so many different perspectives coming together, it’s very different than having your own internal hackers who are all probably trained using the same processes,” said Massimilla.
1.Bug bounty programs and hiring white hat hackers are forms of information controls. What are other forms of information controls mentioned in the chapter?
2.When a bug is found through a bug bounty program, do you think managers are more likely to take immediate corrective action or basic corrective action? What are the reasons for your answer?
3.What are the dangers versus the benefits of hiring hackers? Why have companies decided that there are more benefits than dangers in accomplishing the process of controlling via hiring hackers? For more information on Bug Bounty Programs check out: https://hackerone.com/verizonmedia
Plagiarism Free Papers
Thehomeworkwritings.com’s team of writers write all papers from scratch. We deliver 100% original, unique papers. That’s what makes us the best custom homework writing service
We provide unlimited free revisions to all customers and on all papers. Try The Homework Writings today for the best custom homework writing service and experience in the industry.
Thehomeworkwritings.com gives clients title pages free of charge. Your only job is to fill out our order form. We will handle the rest.
As the leading essay writing service, we never submit any paper without a reference/bibliography page. We do this free of charge too.
Originality & Security
At Thehomeworkwritings.com, we take great pride in delivering only high-quality 100% original papers to all our clients. We also never share any of our clients’ information with third parties. Your data is safe with us.
24/7 Customer Support
No other custom homework writing service has a friendly, always available customer support team to respond to clients like us.
Try it now!
How it works?
Follow these simple steps to get your paper done
Place your order
Fill in the order form and provide all details of your assignment.
Proceed with the payment
Choose the payment system that suits you most.
Receive the final file
Once your paper is ready, we will email it to you.
Why outsource our services
We have the best customer support team for your essay writing needs.
You won’t find any other custom homework writing service with pricing as flexible and affordable as ours.
Admission help & Client-Writer Contact
We provide a direct line of communication with our writers for the best writing experience.
As the leading custom homework writing service, we take deadlines very seriously. You will have your paper submitted on time without any delays.
We truly value your feedback, good or bad, and always use your feedback to help us provide you with an even better custom homework writing service