DHS Bug Bounty Bill Introduced in the House

Reps. Ted Lieu, D-Calif., and Scott Taylor, R-Va., on June 6 introduced the Hack the Department of Homeland Security Act, a bill that would establish a bug bounty program that encourages white-hat hackers to search for and report vulnerabilities within DHS systems.

“There is perhaps no better way to find weaknesses in our cyber armor than to enlist the help of America’s top security researchers,” said Lieu. “As a computer science major, I recognize that bug bounty programs have proven critical to enhancing cybersecurity at the Pentagon and in the private sector, and it is past time we bring this tool to bear at the agency tasked with protecting our homeland security.”

According to the press release, the bill is a companion to the Hack Department of Homeland Security (DHS) Act introduced a couple of weeks ago in the Senate by Sens. Maggie Hassan, D-N.H., and Rob Portman, R-Ohio.

“Federal agencies like DHS are under assault every day from cyberattacks. These attacks threaten the safety, security, and privacy of millions of Americans and in order to protect DHS and the American people from these threats, the department will need help,” Hassan said. “The Hack DHS Act provides this help by drawing upon an untapped resource—patriotic and ethical hackers across the country who want to stop these threats before they endanger their fellow citizens. This bipartisan bill take the first step to utilize best practices from the private sector to harness the skills of hackers across America as a force multiplier against these cyber threats. I will work with members of both parties to move this important bill forward.”

Bug bounty programs are a security practice widely used by the private sector in which companies agree to pay hackers who, abiding by a set of pre-established rules, submit vulnerabilities to the company. The department of Defense’s 2016 “Hack the Pentagon” program was celebrated as highly successful.

“The networks and systems at DHS are vital to our nation’s security. It’s imperative that we take every step to protect DHS from the many cyberattacks they face every day,” said Portman. “One step to do that is using an important tool from the private sector: incentivizing ethical hackers to find vulnerabilities before others do. I look forward to working with Sen. Hassan to move this bipartisan bill forward and helping protect DHS from cyber threats.”

“Today, in the 21st century, conflicts are waged behind the scenes on the digital frontier,” said Taylor. “It is vital that America becomes the global leader in combating cyber threats. We must do everything in our power to strengthen our cybersecurity by identifying and patching vulnerabilities in our networks to avoid jeopardizing our national security.”

Recent