Portman leads effort to enhance DHS cybersecurity through bug bounty pilot program

A pilot program would be established to enlist computer experts to help pinpoint vulnerabilities that leave Department of Homeland Security (DHS) networks susceptible to cyberattacks under legislation recently introduced by U.S. Sen. Rob Portman (R-OH).

A bug bounty pilot program that is based on programs used by the Department of Defense and private technology companies like Google and Apple would be authorized under the Hack Department of Homeland Security Act, which Portman introduced with U.S. Sen. Maggie Hassan (D-NH).

Under the bug bounty pilot program, ethical or “white-hat” hackers would be given a monetary reward for every vulnerability they find and report to vendors. Terms of the program state that the vendors will not pursue criminal charges if hackers follow predetermined rules, and hackers must first register with DHS and submit to background checks.

“The networks and systems at DHS are vital to our nation’s security,” Portman said. “It’s imperative that we take every step to protect DHS from the many cyber attacks they face every day. One step to do that is using an important tool from the private sector: incentivizing ethical hackers to find vulnerabilities before others do.”

DHS is responsible for securing all “.gov” domains and critical infrastructure throughout the country — and the Hack Department of Homeland Security Act aims to help ensure network and data security against relentless cyberattacks.

“Federal agencies like DHS are under assault every day from cyberattacks,” Hassan said. “These attacks threaten the safety, security and privacy of millions of Americans and in order to protect DHS and the American people from these threats, the Department will need help.”