As part of a new initiative aimed at learning more about their cyber security strengths and weaknesses, the Pentagon is hosting a competition for the best and brightest hackers around the country. The goal? To hack into their network and shine a light on any vulnerabilities or inconsistencies otherwise overlooked by the government.
The contest is open to approved contestants and begins on April 18th – modeled after the actions of a number of major technology firms across the country, Defense Secretary Ash Carter noted that it was a significant way the public sector could learn from the private sector. Registration is through a site supported by HackerOne, and a variety of tests and background checks will be performed before the contestants are deemed eligible for the contest. With a prize of $150,000 at stake, along with the notoriety of winning such a unique competition, it will be interesting to see how all of this turns out.
On a larger scale, the idea of opening an organization – public or private – to hackers in order to understand their strengths and weaknesses, isn’t new but is disruptive, turning accepted thinking on its head. Standard procedure is to take a look at what could come through, implement the necessary steps to protect the network, and test said steps to make sure everything works properly. But the person who created the security protocol testing its endurance only goes so far. In order to truly understand a network’s raw vulnerabilities, some take it a step further and see the potential inconsistencies through the eyes of a hacker. Disruptive, yes, but worth it in some cases.
Now, this isn’t to say that every company needs to rush out and find a hacker to test their network; this option is just another to consider. Being as fluent as possible in the workings of the cyber security world, along with knowing your network’s inner workings is key. Outside perspectives and assistance are always acceptable tools when dealing with cyber security best practices.