The Pentagon will invite hackers to test its cyber security systems beginning this spring in “the first cyber bug bounty program in the history of the federal government.”
Defense Department officials on Tuesday announced the “Hack the Pentagon” pilot program, which is modeled on similar security tests conducted by numerous large companies.
The department will deploy commercial sector crowdsourcing to identify qualified participants, who will be required to register and submit to a background check.
The initiative will then allow the hackers to search for vulnerabilities on the agency’s public webpages in a controlled, time-limited program. Participants could receive monetary awards or other recognition.
“I am always challenging our people to think outside the five-sided box that is the Pentagon,” said Defense Secretary Ash Carter. “Inviting responsible hackers to test our cybersecurity certainly meets that test.”
The initiative, which will officially kick off in April, will be led by the Pentagon’s Defense Digital Service, a team of U.S. Digital Service experts established by Carter last fall. Further details and rules will be provided in coming weeks.
The “Hack the Pentagon” program is the first in a series of agency cyber security tests. The announcement also follows last month’s debut of the White House’s Cyber National Action Plan.
Filed Under: Industry regulations