Ethical hackers are paid to get into a company's system and find flaws before criminals do. "It's actually quite a significant industry," said Currencycloud's Rich Arundel.
Currencycloud co-founder and general manager Rich Arundel recently spoke with TechRepublic's Dan Patterson about how his company's technology makes international payments easier, enabling companies to pay bug bounty hunters living in other countries. Here's the first part of their conversation:
Patterson: Let's start with the economics of hacking, the ecosystem of hacking. Very simple question, but probably one that a lot of people have, how do white hat, gray hat, and black hat hackers get paid?
Arundel: It's a good question, so let's have a lot at a specific example, and one of our clients that we use, which is HackerOne. And very simply these guys have, they're effectively a bug-bounty platform. It sounds really cool right, being a bug bounty hunter? But these guys are ethical hackers, and they are connected to companies, and in the case of HackerOne you have people from Starbucks and Yelp, all the way up to the DOD.
SEE: HackerOne predicts its bug bounty payments will quintuple by 2020 (TechRepublic)
And these guys are paying these ethical hackers to find flaws in their system, to come and hack my system and find where the vulnerabilities are. Now, if you find something as a bounty for doing that, we'll pay you for it. Now it's actually quite a significant industry, I mean you have people who are professional security experts, who maybe do this on the side for a bit of spare cash, they want to buy a new car, they want to buy a wedding ring, et cetera. All the way from young self -taught engineers who are doing this as a full-time job.
There's a stat that says in some countries, these guys can earn more than a software engineer. So it's a big, big business.
- Interview with a hacker: Kapustkiy from New World Hackers (TechRepublic)
- Get ready for the rise of spymail, the hottest trend in email hacking (TechRepublic)
- How to become a master cyber-sleuth (TechRepublic)
- Video: Top 5 ways to track data breaches (TechRepublic)
- Get an inside look at the exploit infrastructure (TechRepublic)
- IT leader's guide to cyberattack recovery (Tech Pro Research)