Bug Bounty Programs – compensating a researcher who has found a “bug” in a company’s system – can be very effective at mitigating cybersecurity risk.
These programs have quickly become a core part of the mature, secure development lifecycle initiative; and successful common practice with companies like Facebook, Google and Microsoft. However, inviting hacking or any form of sanctioned attacks into an organization to uncover security flaws, comes with risks. Bug Bounty Programs must be carefully, designed, implemented and managed to avoid these potential risks and to make sure they are ‘successful’.
This TECH Talk will examine how to get started in implementing a successful and effective Bug Bounty program to achieve your company’s vulnerability hunting goals.
Join us for the next TECH Talk in this webinar series:
Bug Bounty programs debugged: a 360° view
Wednesday December 13 | 16:00 GMT, 11:00 EDT
Attendees will learn:
- Learn about the different types of Bug Bounty programs, who should consider using one and when/how to start
- Understand the risks associated & how to effectively manage them
- Learn the key considerations to ensuring the program is effective and meets the program expectations
Who should attend:
- Information security professionals
- Risk, compliance and audit professionals
About this series:
Stay on top of your proactive cybersecurity defenses with our 30-minute TECH Talk webinar series. This monthly series will feature brief 30-minute discussions with cybersecurity experts who will present different technical testing solutions and provide actionable ways for organizations to proactively sharpen their cyber defenses.
Upcoming 30-minute TECH Talks:
- January 2017 - to be announced shortly.
Vice President, Stroz Friedberg, an Aon company
As Vice President in Stroz Friedberg’s Security Science practice, Cassio Goldschmidt leads engagements that help clients proactively identify, validate and prioritize information and cyber risk. With almost 20 years of experience working with global organizations, Mr. Goldschmidt brings a balanced technical and business perspective to aid organizations in managing both product and program-level security (read more).
Cyber risk is a top concern for enterprises.
According to the 2017 North America Cyber Risk Transfer Comparison Report:
- 87% of respondents believe that cyber liability is one of the top 10 business risks for their organisations
- 24% of organisations have cyber insurance coverage
- $3.6M is the average economic impact of a material or significantly disruptive security exploit or data breach