They are a nightmare to businesses, steal identities, paralyse organisations and break into cryptocurrency centres. Two-thirds of companies worldwide are reported to have suffered a cyberattack in 2020, which represents a loss of more than USD$1 trillon; approximately 1% of global GDP.
To combat security vulnerabilities, companies are increasingly turning to so-called bug bounty programs. The premise is simple: companies allow hackers to explore their programs, websites or apps, in the search of to security weaknesses that they report. Whilst there are many advantages for companies in doing so, the primary benefit is financial. Unlike traditional cybersecurity auditing, which is expensive and must be carried out often, in a bug bounty the company only pays up if a new weakness is detected.
by Mathieu Simonnet