11 Oct Pan-European Cybersecurity Campaign – Opinions and Experiences
Response of our member YesWeHack on three core messages of the Campaign
Critical sectors and organisations are the targets of growing cyber threats. A ‘cyber Cold War’ with China and Russia on the one hand and the United States and Europe on the other is a trend of concern. Europe has the means to protect its institutions and companies: foster innovation in cybersecurity that predominantly benefits the Digital Single Market and strengthen investment capabilities to enable a robust cybersecurity ecosystem. YesWeHack is a striking example that bold innovation in cybersecurity is a winning bet in the European context.
European cybersecurity companies are innovative and mature. In the context of fast-growing and industrialized cybercrime, European cybersecurity companies will help you develop your business in a secure way. You will not face operation disruption, loss of data, or loss of competitive advantage. You will deliver your projects without waking up at night.
European Cybersecurity Companies are close to their customers. They understand their specific expectations, they are ready to listen and to incorporate Customers’ requests as quickly as possible. They have developed a Customer Success Program and work hand in hand with their customer base on their roadmap.
European Cybersecurity Companies comply with the EU regulations and transparency values. That means no unnecessary data capture, no Cloud Act, no backdoors, compliance with GDPR. It is a must at a time where both national Authorities and C-Level are more and more sensitive to regulatory issues.
The security of digital innovations is a primary concern for organisations and individuals alike. The number of connected digital services grows. And with it, the issue of vulnerability management is becoming increasingly urgent. Digital security risk undermines consumer trust and causes tremendous economic and social costs; it is estimated to have a yearly global cost ranging between EUR 85 billion and 5 000 billion and is increasingly threatening individuals’ safety.
Accordingly, the EU encourages the Member States to harmonise global cybersecurity policy through these regulatory commitments because the benefits are manifold. Thanks to common cybersecurity requirements inscribed in law, the European Union will create a unified market for its companies and enhance the level of expertise of the products. Moreover, organisations will no longer be restricted to their national market; instead, they will extend their offer to the entire European digital single market more efficiently.
New ways of testing the safety and quality of digital services emerge and establish themselves, bringing with them new possibilities to shape security and a fresh entrepreneurial dynamic.
Bug Bounty, also known as crowdsourced security, is one such unique way. Bug Bounty leverages the collective knowledge and skillsets of the crowd to hunt for technical vulnerabilities and business logic errors alike. Ethical hackers thus make significant contributions to increasing digital security. Furthermore, Bug Bounty is an agile and easy-to-scale security testing model that fits organisations of all sizes and budget breadth.
Our clients understand that. For example, we have been instrumental in raising the security posture of a European world-renowned luxury brand with worldwide operations . Two months from the launch of this client’s Bug Bounty programme, around 30 vulnerabilities have been identified, 60 percent of which have been corrected. This first glimpse of the Bug Bounty model enabled our customer to realise the extent of the flaws in their infrastructure. Now that our client has a clear understanding of how a Bug Bounty programme works, they are expanding its scope, increasing the rewards, and inviting new researchers. This first phase is essential to understand how researchers work and think and how best to implement effective vulnerability management across the relevant business lines.
Continuous monitoring of the information systems as occurring through Bug Bounty is an emerging standard.
Identifying vulnerabilities at any moment of the product lifecycle is an essential step towards cyber risk reduction.
Moreover, introducing a Coordinated Vulnerability Disclosure (CVD) programme is critical in limiting the cyber risk that has proven its worth worldwide.
YesWeHack has won the trust of hundreds of global companies as it focuses on creating stellar customer experiences and providing outstanding program results. From understanding the security requirements and designing customised programs to adapting the program to changing business requirements, our Customer Success Team sets YesWeHack apart. The platform’s research & development and infrastructure are based in Europe, thus setting high-quality standards and providing unique data sovereignty guarantees.
Founded in 2015, YesWeHack is a Global Bug Bounty & VDP Platform. YesWeHack offers companies an innovative approach to cybersecurity with Bug Bounty, connecting more than
25,000 ethical hackers across 170 countries with organisations to secure their exposed scopes and reporting vulnerabilities in their websites, mobile apps, infrastructure and connected devices.
-Rayna Stamboliyska, YesWeHack