Bug bounty programmes offer hope for cyber skills gap

clock • 2 min read
Bug bounty programmes could bring new minds into tech. Source: Intigriti

Bug bounty programmes could bring new minds into tech. Source: Intigriti

Half of survey respondents used bug bounty programmes to increase their security knowledge

Software is a massive industry, enabling fast, reliable operations even when everyone is working from home. Protecting those vital systems is key to ensuring work can continue; however, security professionals are increasingly finding that on-the-job training is not enough when it comes to keeping up with the rising scale and sophistication of attacks.

According to a new survey of nearly 1,200 ethical hackers by vulnerability disclosure platform Intigriti, security professionals are turning to bug bounty programmes - whereby white hat hackers can legally report bugs to an organisation for a reward - to keep their skills and knowledge up to date.

Half of the respondents to Intigriti's survey said they used bug bounty hunting to learn useful, relevant knowledge, compared to just 11% who said their job was their primary source. That makes bounty hunting the second-most-popular resource for developing general information security, just after the element that is tried and true across industries: practice.

The same was true for traditional education. Seventy-eight per cent of respondents said bounty hunting was the best resource for building a toolset of information about security, versus 8% who favoured a school, college or university.

The survey results may indicate that bug bounty hunting is a valid path to tackle the cybersecurity skills shortage: 32% of respondents were students, and 86% described themselves as 'part-time' bounty hunters.

The pandemic has also helped drive more people towards the practice. In comparison to a similar survey from pre-pandemic, 59% of respondents said they are spending more time bounty hunting - with 74% saying they were doing so to increase their skills, and just over half (53%) saying they saw it as a path to increase their earnings.

Intigriti's Head of Hackers, Inti De Ceukelaire, said:

"The work-from-home culture has made employees desire more independence and has further encouraged digital nomads to pursue a remote working career. Bug bounty platforms can not only facilitate this, but they also allow people to work wherever they want, whenever they want, and without having to rely on a boss to match their talents with customers or be part of a corporate hierarchy."

Download Intigriti's full report here

You may also like
Hackers launch brute-force attacks on business VPNs and more

Threats and Risks

The attacks rely on trial-and-error attempts to crack login credentials

clock 18 April 2024 • 2 min read
Last chance to register for Cybersecurity Festival 2024


Book your free place today

clock 18 April 2024 • 2 min read
Interview: Illumio, Security Excellence Awards finalist


'We are one team, delivering one platform, on one mission to ensure that organisations can realise a future without any high-profile breaches'

clock 17 April 2024 • 5 min read
Most read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Skills

IT Essentials: 'Impressively innovative' and other inanities

IT Essentials: 'Impressively innovative' and other inanities

Trying to save time may be taking us towards real-world harm

Tom Allen
clock 03 April 2024 • 2 min read
Empowering women in tech: Bridging the digital skills shortage

Empowering women in tech: Bridging the digital skills shortage

The lack of female representation is leaving much work to do

Sheila Flavell
clock 12 March 2024 • 3 min read
Don't encourage kids to code, says Nvidia CEO

Don't encourage kids to code, says Nvidia CEO

AI threatens the future of coding

clock 29 February 2024 • 3 min read