Wanna Cry. Meltdown. Mirai. NotPetya.
These (seemingly nonsensical) noms-de-guerre for major cyberattacks over the past few years still strike fear into the heart of every CISO office — and they should. The frequency and sophistication of such attacks is indisputably on the rise — as is the tidal wave of damage they cause in their wake.
Companies need all the help they can get staying ahead of the security curve. It’s why HP is tapping security researchers around the globe — commonly called “white hat” or “ethical” hackers — to help them spot security risks before they can gain control of a connected device and compromise sensitive data.
“The odds are against us,” says Shivaun Albright, Chief Technologist, Print Security, and member of the HP’s Security Advisory Board. “With millions of attacks being introduced on an ongoing basis, we need to be sure that we are setting a high bar.”
Bug bounty programs aren’t new, but HP this week unveiled a fresh twist on one — it’s the first of its kind for a printer company. Ahead of the Black Hat conference in Las Vegas, HP is opening the curtains to some of its code, with the hopes that transparency and some well-placed cash rewards will prompt creative hackers to find hidden vulnerabilities in office printers.
HP is working with BugCrowd to help verify reported threats and reward security researchers (an industry word for hackers) based on the severity of the flaw, with incentives ranging from $500 to $10,000. It’s part of an ongoing effort by HP to design and develop products with security in mind from the hardware on up the stack.