DOD announces new hacker initiatives
- By FederalSoup Staff
- Nov 22, 2016
The Defense Department this month rolled out two new “white hat” hacker initiatives designed to bolster cybersecurity at the department.
Under the first initiative, which went into effect Nov. 21, DOD now will allow security researchers to legally find and disclose to the department any vulnerabilities in DOD’s public-facing systems.
“The Vulnerability Disclosure Policy is a ‘see something, say something’ policy for the digital domain,” Defense Secretary Ash Carter said in a statement. “We want to encourage computer security researchers to help us improve our defenses. This policy gives them a legal pathway to bolster the department’s cybersecurity and ultimately the nation’s security.”
In a second initiative, DOD also announced the opening of registration for a “Hack the Army” bug bounty challenge modeled after the Defense Digital Service’s Hack the Pentagon pilot program. The department said it expects about 500 hackers to compete for cash bounties in the new hacking challenge, which will focus on websites affecting the Army’s recruiting mission.
“As secretary of the Army, the security of these foundational systems is incredibly important to me, and security is everyone's responsibility,” said Army Secretary Eric Fanning. “We need as many eyes and perspectives on our problem sets as possible and that’s especially true when it comes to securing the Army’s pipeline to future soldiers.”