A Senate bill that would allow hackers to go after the networks at the Department of Homeland Security as part of a bug bounty program now has a companion piece of legislation in the House of Representatives.
Last week, two senators introduced a bill that would create a pilot bug bounty program at DHS, similar to one that has run at the Pentagon for several years. The Pentagon program has attracted a lot of participants, and after the pilot program there ended, the Department of Defense decided to extend it to other components of the department and to continue the Pentagon program as well.
The proposed program at DHS would be similar in scope and intent, with the goal of attracting hackers to find vulnerabilities in the DHS networks and internal systems. On Monday, Rep. Ted Lieu (D-Calif.) and Rep. Scott Taylor (R-Va.) introduced a companion to the Senate bill to establish the DHS bug bounty program.
“There is perhaps no better way to find weaknesses in our cyber armor than to enlist the help of America’s top security researchers,” said Lieu. “As a Computer Science major, I recognize that bug bounty programs have proven critical to enhancing cybersecurity at the Pentagon and in the private sector, and it is past time we bring this tool to bear at the agency tasked with protecting our homeland security.”
Bug bounty programs have grown into key tools for many companies, both high-profile tech giants such as Google and Microsoft and smaller businesses looking for help finding weaknesses in their networks. The Hack the DHS program follows a successful formula that has been used both inside and outside the government for several years now. If the bills succeed, security researchers would have the chance to dig into the department’s network infrastructure, looking for vulnerabilities that could offer entry points for attackers.