The cyber bug bounty program is a first for the federal government, but you'll need to undergo a background check The U.S. Department of Defense plans to ask computer security experts to Hack the Pentagon as part of a push to improve its cyber defenses.The initiative is similar to the bug bounty programs run by commercial software companies seeking to reward hackers who report security vulnerabilities in code. The DOD says it’s the first cyber bug bounty program in the history of the federal government.The DOD program, which will launch in April, will ask participants to examine its public Web pages, searching out vulnerabilities and attack launching points.But the program will only go that far. The DOD’s classified networks will be off-limits to the participants, and they won’t be free to launch actual attacks on any of the department’s public-facing sites. The Pentagon will recruit participants through crowdsourcing websites, and they’ll be required to register and submit to a background check. Once approved, they’ll have access to a system chosen by the DOD for a predetermined amount of time.Participants could be eligible for “monetary awards and other recognition,” the DOD said. Secretary of Defense Ash Carter has spoken a lot about the need for his department to work more closely with Silicon Valley and emulate some of the ways in which tech start-ups operate and innovate.The Hack the Pentagon program is a product of just such an initiative: the Defense Digital Service, a small team of engineers, affiliated with the U.S. Digital Service, that seeks to improve the DOD’s technological agility. Carter launched the Defense Digital Service last November.“I am always challenging our people to think outside the five-sided box that is the Pentagon,” he said in a statement. “Inviting responsible hackers to test our cybersecurity certainly meets that test.”The Pentagon said it would offer more details about the program and how to apply in the coming weeks. Related content news UK businesses face tightening cybersecurity budgets as incidents spike More than a quarter of UK organisations think their cybersecurity budget is inadequate to protect them from growing threats. By Michael Hill Oct 03, 2023 3 mins CSO and CISO CSO and CISO C-Suite news Cybersecurity experts raise concerns over EU Cyber Resilience Act’s vulnerability disclosure requirements Open letter claims current provisions will create new threats that undermine the security of digital products and individuals. By Michael Hill Oct 03, 2023 4 mins Regulation Compliance Vulnerabilities opinion Cybersecurity professional job-satisfaction realities for National Cybersecurity Awareness Month Half of all cybersecurity pros are considering a job change, and 30% might leave the profession entirely. CISOs and other C-level execs should reflect on this for National Cybersecurity Awareness Month. By Jon Oltsik Oct 03, 2023 4 mins CSO and CISO Careers feature The value of threat intelligence — and challenges CISOs face in using it effectively Knowing the who, what, when, and how of bad actors and their methods is a boon to security, but experts say many teams are not always using such intel to their best advantage. By Mary K. Pratt Oct 03, 2023 10 mins CSO and CISO Advanced Persistent Threats Threat and Vulnerability Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe