Collaborative efforts key to uncover vulnerabilities in cybersecurity

Ethical hacking enhances cybersecurity globally.

The practice of ethical hacking is gaining recognition as a crucial component of defensive strategies. Saj Lohani, Global TISO & Sr Director of Cybersecurity at Bugcrowd, emphasised the significant role that ethical hacking plays in enhancing organisational cybersecurity through a collaborative approach.

Ethical hacking, often facilitated by platforms like Bugcrowd, relies heavily on community engagement to identify security vulnerabilities. This method draws on a principle attributed to Linus Torvalds, known as Linus's Law: "Given enough eyes, all bugs are shallow." This concept suggests that a wide-ranging examination by various experts can effectively uncover vulnerabilities that might otherwise go unnoticed.

"What we like to say in Bugcrowd is the concept of 'it takes a crowd.' We're trying to grab all of those bits of talent from all over the community, various parts of the world, and then bring everyone into one place," Lohani explained. 

Despite its growing importance, ethical hacking faces several challenges. One of the primary concerns is keeping up with rapidly advancing technologies, such as artificial intelligence, and ensuring that the contributions of ethical hackers are recognised and utilised by organisations. Moreover, ethical hackers often grapple with potential legal repercussions, which can deter their willingness to report vulnerabilities.

"The biggest challenges arise when there are no clear paths for communication between ethical hackers and the organisations," Lohani said. He advocates for proactive measures, such as vulnerability disclosure programs, which provide a straightforward way for hackers to report issues without fear of legal consequences. 

"It’s basically just a webpage saying, 'Hey, this is where you come in, contact us if you have found an issue.' It makes it accessible, allowing the community to come and talk to you," he noted.

Lohani highlighted an example involving a prominent hacker within the Adobe Experience Manager (AEM) community, who developed a tool that significantly aids in the discovery of vulnerabilities. "If he didn't publish that tool, the issues around that entire type of technology would not have been found as easily," he remarked.

This collaborative approach not only enhances the effectiveness of cybersecurity measures but also keeps costs manageable and the process engaging for participants. It allows ethical hackers to explore specific issues in depth, at their own pace, and in their areas of interest.
