A bipartisan bill that would establish a bug bounty program using “white hat” ethical hackers to search for and identify vulnerabilities within U.S. Department of Homeland Security (DHS) networks was recently advanced by the U.S. Senate Homeland Security and Governmental Affairs Committee.
The bill, titled Hack Department of Homeland Security (DHS) Act, was introduced by U.S. Sens. Rob Portman (R-OH) and Maggie Hassan (D-NH) and cosponsored by U.S. Sens. Claire McCaskill (D-MO) and Kamala Harris (D-CA).
Modeled after the U.S. Department of Defense’s (DoD) Bug Bounty Program, the proposed DHS initiative would provide payments to white hat hackers that identify unique vulnerabilities within DHS networks and information technology. Each participant must first submit to a background check to help ensure they do not pose a threat to national security.
The legislation also requires the DHS Secretary to work in tandem with the Attorney General to ensure that participants in the program do not face prosecutions for their work on the program.
Companion legislation was recently introduced in the House by U.S. Reps. Ted Lieu (D-CA) and Scott Taylor (R-VA).
“The networks and systems at DHS are vital to the security of Ohioans and all Americans,” Portman said. “It is imperative that we take every step to protect our DHS networks from the threats they face every day. One important tool would be to incentivize ethical hackers in the private sector to find vulnerabilities before bad actors do.”