Uber to quadruple cybersecurity team to protect drivers from attacks

100-strong team will aid protection of 'polarising' drivers, along with increasing data security and hack prevention

Controversial taxi-ordering service Uber is set to quadruple the size of its cybersecurity team to protect customer data, defend against hackers and even protect its drivers from attack.

The company, which allows users to order a taxi using a smartphone app, currently has a security team of 25 and plans to increase its size to 100 by the end of 2015.

Uber's chief security officer, Joe Sullivan, is a former federal prosecutor of cybercrime who joined the company in April.

Sullivan came to Uber after five years as chief security officer at Facebook and joined the taxi app firm after it was criticised for the way it handled data following an incident where information about 50,000 Uber drivers was stolen by unknown hackers.

According to the Financial Times, one of the reasons for Uber's desire to boost its security team is to protect its drivers, whom Sullivan described as "polarising figures in their communities".

Uber has faced regular battles against taxi drivers in cities including New York, Paris and London who accuse the firm of undermining their operations.

Meanwhile, the business practices of Uber regularly come under scrutiny. For example, during the London tube strikes, Uber drivers were accused of massively increasing their fares at a time of high demand.

In addition to protecting drivers, Sullivan and his security team are responsible for vetting driver identities, attending court cases about which areas Uber can legally operate in and the standard cybersecurity practices in which any organisation needs to engage.

Sullivan outlined some of the challenges he faced as Uber chief security officer, such as the huge demand for data at any one time.

"Every company is a data company now; no one can be unsophisticated," he said.

"The challenge is, half the company needs access to customer data some of the time – it is not just customer support, it is marketing, engineers – communications when they need to figure out what happened in an incident," he said.

The solution, Sullivan argued, is auditing who has access to data and to examine what they are using it for.

Despite the controversies surrounding it, Uber has been a success and has an increasing user base. However, recent reports also suggest that the firm – effectively little more than a 'middle man' between cars and customers – is haemorrhaging money, with figures suggesting Uber is losing $470m (£300m) on revenues of $415m.

Computing's Enterprise Security and Risk Management Summit takes place later this year and is free to attend for qualified end users. Register here.