20 July 2015
Whilst you might have heard the word ‘hacker’ being used to describe people who carry out malicious behaviour online, it’s important to remember that hacking isn’t limited to this narrow definition. It is also a skill, a way of looking at things and figuring out how they can be adapted and used in other ways.
As you might have read in the news last week, the American Airline ‘United’ gave two hackers a million free flight miles each for alerting them to security problems in their website. It’s part of their ‘bug bounty’ scheme, which rewards people for discovering and privately disclosing vulnerabilities in their IT infrastructure.
Many technology companies run similar schemes, but personally I feel hugely encouraged to see other industries taking on the idea. Where monetary rewards aren’t possible, offers of a complimentary service or product are an affordable alternative.
It’s important to stress that by running a bug bounty scheme, you are not eliminating threats. It is still paramount to have a cybersecurity team in place, monitoring and pen testing your website, and investing in the appropriate safeguards, such as firewalls and antivirus. However, the benefits of bug bounties, as well as providing additional helping hands, go much further than the businesses that run them.
Hackers, however vilified, are often very smart individuals with a lot of talent. The problem lies is how that talent is put to use. Incentivising young hackers to use their skills to drive positive change can only be a good thing, in my opinion.
The internet is an amazing resource but it is constantly evolving. To keep it safe we need to combine our efforts and show people that doing the right thing does pay. Most people are driven by a sense of purpose; surely, if we can help young hackers to see their purpose as a positive and protective one, we’ll be heading in the right direction.
I wonder where they’ll go with their million free miles…