Click here for video of Senator Hassan’s question and Ms. Grady’s response.
WASHINGTON – The Hassan-Portman Hack DHS Act could be a valuable tool for improving cybersecurity, Claire Grady, the nominee to be Under Secretary for Management at the Department of Homeland Security, said yesterday during her confirmation hearing before the Senate Homeland Security and Governmental Affairs Committee. Senator Maggie Hassan (D-NH) introduced the legislation with Senator Rob Portman (R-OH) last month.
“I think it’s a very valuable tool that industry has found tremendous benefit for a relatively small return in terms of what is actually paid out for the bug bounties,” Ms. Grady said. “I think the Department of Homeland Security can take advantage of the lessons learned from the Department of Defense who did both Hack the Pentagon, Hack the Army, and Hack the Air Force. And a key element associated with that is working very closely, not just from a procurement perspective, but with the CIO to ensure that it’s conducted in an effective way and that we are prepared to respond to the findings that will result from a bug bounty.”
The Hack DHS Act would establish a bug bounty pilot program – modeled off of similar programs at the Department of Defense and major tech companies – in order to strengthen cyber defenses at DHS by utilizing “white-hat” or ethical hackers to help identify unique and undiscovered vulnerabilities in the DHS networks and data systems.
###