• |

Mar. 22, 2017

How to Establish and Manage a Successful Bug Bounty Program 

  • Amy Terry Sheehan
    Cybersecurity Law Report
Bug bounty programs – paying a researcher who has found a “bug” in a company’s system – can be effective at mitigating cybersecurity risk, but they must be implemented and managed carefully lest they be abused and backfire. Cassio Goldschmidt, vice president in Stroz Friedberg’s cyber resilience practice, spoke to the Cybersecurity Law Report about the steps to take to establish a bug bounty program, including the measures that should be in place prior to launching it, and how to best manage a successful program. See also “Tech Meets Legal Spotlight: What to Do When IT and Legal Slow the Retention of a Third-Party Vendor” (Nov. 30, 2016).

To read the full article

Continue reading your article with a CSLR subscription.

Most-Read Articles

Spotlight on Trailblazing Women

To mark International Women’s Day 2024, women editors and reporters of ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Jill Abitbol, Managing Editor of the Cybersecurity Law Report and Anti-Corruption Report, features notable women in data privacy, cybersecurity, white collar defense, compliance and anti-corruption law, including Christina Montgomery, Leslie Shanklin, Palmina Fava, Alexandra Ross and Lucinda Low. Enjoy reading their inspiring remarks here.

We Celebrate Data Privacy Day 2024

Read the full brief here.