DoD IT Official Endorses Value of Bug Bounty Programs

Pentagon Military Defense DoD

The deputy director of the Defense Department’s (DoD) Digital Defense Service (DDS) gave a strong endorsement on Oct. 29 of the value of the agency’s “bug bounty” programs which enlist the help of third parties to explore segments of DoD networks looking for vulnerabilities.

Megan Furman, Deputy Director at DDS, explained at the Future of Work Government Summit that she helps operate a “SWAT team of nerds” focused on promoting user-centric practices and adopting policies that allow for better IT decision making, among other areas.

One of those are bug bounty programs, which she said have been used for years in the private sector but which the Federal government embraced only in 2017.

“What we found is we had vulnerabilities, but then we could mitigate them,” Furman said.

Beginning the bug bounty programs, she recalled, was considered a “little rough and scary” for an organization not known for inviting hackers to investigate. But the payoff is worth it, because it allows DDS to “find problems … and then drive a truck through them.”

John Curran
About John Curran
John Curran is MeriTalk's Managing Editor covering the intersection of government and technology.