The UK’s Ministry of Defence (MoD) has concluded its first-ever bug bounty challenge with security platform HackerOne, building on its commitment to developing a culture of collaboration around cyber security.
Bug bounty programs, whereby hackers report real-world security vulnerabilities to affected organizations in return for monetary compensation, are used throughout the industry as a way of incentivizing security research and identifying any issues before adversaries have a chance to exploit them.
During the 30-day challenge, the MoD invited hackers to investigate vulnerabilities in its digital assets by giving them direct access to its internal systems, which was done to help the MoD secure and defend them from cyber attacks. The challenge follows the UK government’s integrated review of security, defense, development, and foreign policy from March. It highlighted the need for greater capacity and resilience to deal with cyber threats, especially against critical national infrastructure (CNI).
“The MoD has embraced a strategy of securing by design, with transparency being integral for identifying areas for improvement in the development process,” said Christine Maxwell, chief information security officer (CISO) at the MoD.
“It is essential for us to continue to push the boundaries with our digital and cyber development to attract personnel with skills, energy, and commitment. Working with the ethical hacking community allows us to build out our bench of tech talent and bring more diverse perspectives to protect and defend our assets.