In-brief: Markets for information on software vulnerabilities are good for security. But they can also raise moral and ethical quandaries, especially in an age of cyber physical risks, argues Cisco’s Marc Blackmer.
bounty
Auto Industry Publishes Best Practices for Cybersecurity
In-brief: An Automotive industry information sharing group has published Best Practices” document, giving individual automakers guidance on improving the cybersecurity of their vehicles.
Update- Zero to 60: Experts Divided on Wisdom of Fiat Chrysler’s Bounty
In-brief: Security experts are divided on Fiat Chrysler’s new bug bounty program, with some decrying small dollar awards, while others argue the company may have moved far too quickly in offering cash rewards to begin with.
Fiat Chrysler Launches Public Bug Bounty – But It’s Not All That
In-brief: Fiat Chrysler Automobiles (FCA) has unveiled a public “bounty” program that will pay security researchers up to $1,500 dollars for information on vulnerabilities in software used in conjunction with the company’s vehicles. Don’t get too excited.
Report: Feds Mull Bug Bounty Contest for Medical Devices
In-brief: Following the success of the Hack the Pentagon bug bounty program, officials at the U.S. Department of Health and Human Services are considering launching a similar program aimed at medical devices and other healthcare systems.