Digital:ID - Day 2: Robust Authentication and Verification Online
"It's Complicated: Cloud, Compliance, PII, and Security"
16.7 million individuals were impacted by identity theft, totalling $16.8 billion stollen, in 2017 alone. With the vast troves of personally identifiable information (PII) being updated and uploaded to countless databases for every ad you click, every photo you post, and every time you swipe your credit card, it’s vital that you feel confident that your information is protected. And your customers must know their identity is safe with you.
Of course, this isn’t as simple as it sounds.
In today’s highly regulated, policy-focused landscape, organizations are forced to develop a relationship with security that satisfies auditors, but doesn’t disrupt product deployment and business growth. For years, the traditional checkbox compliance approach to pen testing has slowed teams down, preventing innovation and scalability. In this session, HackerOne’s Scott McCormick will discuss how to build a data-focused bug bounty program that prioritizes building trust with customers and collaboration between hackers, developers, and external auditors to improve security posture and grow your business.
Scott leads HackerOne’s Governance, Risk and Compliance program, focusing on promoting hacker-powered security to meet regulatory and compliance requirements on an international scale. With extensive experience working in both offensive and defensive cyber security, he is dedicated to reducing the risk of breaches through continuous testing of clients’ environments to mitigate exposure to malicious attacks. Scott comes to HackerOne with the knowledge and expertise from working in the U.S. Intelligence Community and advising Fortune 500 companies in the private sector. He currently serves as a mentor to venture-backed Alchemist Accelerator, on the Board of Advisors for identity and access management platform UniquID, and is a councilor on ICANN GNSO Council.