Monday, April 9, 2018

Pirates of the Cybercaribbean

The cybernetic seas are very deep and dark. Defending the fleet against other pirates is complicated for companies. As in the movie "Pirates of the Caribbean", you will run into pirates like Jack Sparrow, who will go all out to get their treasure. But, what if you put yourself on their side and include "the bad guys" in your ranks?

Cybersecurity in companies is an aspect that entrepreneurs often ignore, but increasingly, the leaders of these are being aware of the risks they face if they do not protect their data against the "hackers". Hiring the pirates or university students is an option when it comes to investing in cybersecurity for your company. Laurie Mercer, a solution engineer at HackerOne, talks to us about direct recruitment through bonus programs in the interview that we share with you below.

According to HackerOne's most recent hacker reports, almost 12% of HackerOne hackers earn around $ 20,000 per year for error bonuses. But what leads companies to hire pirates among their workers? Laurie Mercer gives us her point of view: "From a recruitment aspect, Yelp realized that this was a way to find talent, since they were people who normally could not access that position because they had not finished college or they didn't have security experience that allowed them to pass through the human resources department. "

HackerOne is a platform that facilitates communication between a company's security team and hackers. It currently has more than 166,000 registered users, which means that more and more companies are becoming more receptive to the disclosure of their vulnerabilities and trusting these "pirates". As Mercer says, they have found an innovative way to find talent and match talent with the needs of each company.

As Laurie Mercer says: "We receive messages from students who tell us they read our Hacktivity feed, a hacker named Jack Cable is using the reward money to pay for his studies at the university." The young man, with only 17 years old, was able to finish with 200 reports of vulnerability ranking among the 3,000 best of HackerOne. Mercer said that from that moment they realized their talent, and today is waiting to conduct a job interview with the Defense Department.

The reputation system of HackerOne works in the following way. Each time a hacker sends a vulnerability that is accepted, it is rewarded with points to climb in the "ranking", and in case the vulnerability presented is not accepted, they lose reputation points. At the top of the ranking, users can access to work with private clients according to their scores. The companies trust more in these users, since as Mercer says: "some people see it as an advantage and the poacher became a forester".

In conclusion, Laurie Mercer was asked if she believed that a greater exposure of the vulnerability of companies and the participation of clients would help cybersecurity professionals in the future. Mercer answered: "We all benefit from the work of the community, because it is helping the internet security in general, but the opportunities offered by participating companies also help to encourage hackers, help them gain experience and even get a job. "

On many occasions you have to ally with the enemy pirate to defend against fleets much larger than yours. Information is power, and in the 21st century data is the treasure most sought after by cyber-pirates.


Post a Comment