DHS Says Senate-Mandated Bug Bounty Contest is Duplicative

“Congress is itching to launch a bug bounty program at the Homeland Security Department, but department officials are ambivalent about the idea,” writes Joseph Marks this week in Nextgov.

The Senate on Tuesday passed a bill “mandating a bug bounty” contest intended to encourage programmers to find weaknesses in DHS’ systems. But, according to Marks, DHS says the proposal “would duplicate work it’s already doing.”

Under the contest, mandated under the Hack DHS Act, “ethical hackers earn cash rewards for spotting digital vulnerabilities in Homeland Security websites and web tools.”

Chris Krebs, acting undersecretary for the DHS cyber division, indicated the resources could be better spent elsewhere, and that the effect might inadvertently be to diminish DHS’ own capability.

“We have the hunt and incident response team, which gets us the same capability,” Krebs said. “If we wanted to add bandwidth and depth by bringing in pre-vetted and pre-cleared folks like [the Pentagon] did … we’re open to that program. But it has to be resourced appropriately. I don’t have a budget sitting anywhere that would be able to reward folks that found bugs.”

 

 

Posted in Featured News

Tags: DHS

Print

This Week on FEDtalk

Are You Ready For Open Season?

With open season just around the corner, tune in to FEDtalk tomorrow to hear about some of your options as a federal employee when making benefits decisions and planning for your future.

Read more ...

Hear it from FLEOA

An Update on the OPM Cyber Breach

In the wake of the most recent data breach of Equifax, FLEOA has provided an update on the June 2015 Office of Personnel Management (OPM) data breach to include claims, lawsuits and legislation.

Read more ...
FEDagent

FEDagent.com

The free weekly e-report for Federal Law Enforcement

Get in touch with us

Email FEDagent publisher

Copyright 2018 FEDagent.com
Hosted by Peak Media Company, LLC