HackerOne: How hacker-powered security could save finance

By William Girling
COVID-19 may have shaken up cybersecurity, but how could hacker-powered security guide the finance industry to a new equilibrium? HackerOne explains...

A newly released white paper from San Francisco-based cybersecurity experts HackerOne outlines the alarming vulnerabilities that the pandemic has exacerbated.

According to the company’s research, 30% of global security leaders have recorded a higher frequency of cyber attacks because of COVID-19.

The root cause isn’t necessarily the pandemic itself, but rather something it has tangibly accelerated: digital transformation. Now that so many FSIs have shifted to digital platforms in a bid to remain competitive and innovative in the new economic climate, how can they ensure organisational security keeps up?

For HackerOne the answer is hackers.

Overcoming limitations

The word ‘hacker’ has a generally negative connotation in the popular imagination, but HackerOne defines the term as,

“One who enjoys the intellectual challenge

of creatively overcoming limitations”

As such, it positions ‘hacker-powered security’ (HPS) based on a community of 830,000 globally registered testers as the key to faster vulnerability checks.

Encouraged by incentive-based identification and reporting programmes (called ‘bounties’), these hackers have submitted over 181,000 valid vulnerabilities and received US$44.75m in bounties over the last 12 months.

With the average data breach costing around $3.86m and each hacker-identified resolution only $979, the business case for utilising hackers is clear.

Finance: No more ‘business as usual’

According to HackerOne, the number of FSIs adopting HPS has grown 75% in just one year. In 77% of cases, hackers were able to provide their initial vulnerability report in just 24 hours, and FSIs are also among the fastest to pay a bounty (approximately 0.9 days).

“There’s no such thing as business-as-usual anymore - which means that business-as-usual security can no longer suffice,” states the white paper.

“Financial businesses are augmenting security frameworks with hackers’ human creativity and always-on security efforts [...] During global lockdowns, hackers reported 28% more vulnerabilities per month than immediately before the pandemic took hold.”

The attitudes of security leaders regarding the evolution of cybercrime tell the full story; from a summer 2020 survey of 1,400 professionals, HackerOne found:

  • 64% believe security breaches are now more likely to occur
  • 30% are dealing with reduced security teams
  • 25% are trying to find solutions against a backdrop of budget cuts

Staying ahead of cyber threats

It’s clear that modern finance needs every advantage at its disposal to stay ahead of cyber threats. HackerOne is helping companies identify their greatest vulnerabilities and take steps for remediation quickly.

Find out more by downloading HackerOne’s fourth-annual ‘Hacker-Powered Security Report’ today.

Image credit: HackerOne

Share

Featured Articles

Top 100 Women 2024: Sun Kwon-Wishik, Wells Fargo – No. 2

FinTech Magazine’s Top 100 Women in FinTech honours Wells Fargo Securities' Sun Kwon-Wishik at Number 2 for 2024

Top 100 Women 2024: Wendy Stewart, Bank of America – No. 1

FinTech Magazine’s Top 100 Women in FinTech honours Bank of America’s Wendy Stewart at Number 1 for 2024

Want to Become a Sponsor of FinTech LIVE in 2024?

Put your brand in front of thousands of attendees at FinTech LIVE in 2024 by becoming a sponsor of one of our events

KPMG Launches New Fintech Platform – KPMG Digital Finance

Financial Services (FinServ)

Global Payments: Embedded Finance Reshapes Consumer Journeys

Financial Services (FinServ)

Worldpay Report: Consumers Driving Golden Era of Payments

Digital Payments