Like Countable?

Install the App
TRY NOW

house Bill H.R. 3868

Should the Treasury Have a “Bug Bounty” Program to Expose & Fix Vulnerabilities in its Computer Systems?

Argument in favor

A bug bounty program would be an effective, secure way to test the vulnerabilities in the Treasury Department’s information systems to ensure taxpayer information is protected.

Richard's Opinion
···
11/04/2017
There are consulting services composed of “Black Hat” hackers that could be hired to find vulnerabilities. We should be outraged that this is just now being considered when in fact all government agencies should already be doing this. Let’s not forget the huge OPM hack that stole sensitive personal data on millions of people that hold security clearances and deal with our countries classified information. The government should introduce a new law requiring this for all government and federal agencies. They should also impose this on all credit handing services of consumer information like Equifax, Experian and TransUnion. It’s disappointing how often our government displays a lack of common sense. Where’s Al Gore now? Remember he claimed he invented the internet. IDIOT!
Like (105)
Follow
Share
TracyEckels's Opinion
···
11/04/2017
I think that we should have a full on Cyber-Security Bureau that should be constantly testing our governments computer systems for weaknesses and exploits.
Like (70)
Follow
Share
Bob's Opinion
···
11/04/2017
The United States must get more tech savvy. Fast. The vulnerabilities exhibited by recent revelations by Equifax, Yahoo and seemingly countless others (who should have been protecting their customers but didn’t) should be a cautionary tale for our government. Especially when taken in the context of ongoing investigations into Russia’s interference in our country’s 2016 General Election. We need to close the holes in our country’s cyber security. A bounty system would bring to bear some of our brightest citizens to close these holes.
Like (24)
Follow
Share

Argument opposed

A bug bounty program could expose weaknesses in the Treasury Department’s information systems that aren’t fixed, allowing them to be exploited by real hackers.

Christopher's Opinion
···
11/04/2017
If Congress understood anything about technology they would put their money in more IT Security Development instead of Defense Spending. Russia, China, Iran, and even North Korea spend a fraction of funds on their Defense Spending and run circles around our IT Security. Want to make America great again, invest in our intellectual human capital and less in this 20th Century Groupthink you have going on among your so called ‘conservatives’, which sounds more like remedial governance for high school drop outs.
Like (94)
Follow
Share
OlderNWiser's Opinion
···
11/04/2017
This is like spitting into the wind to fix a problem. Too little, too late, and sponsored by a Southern Republican which, sadly, makes me suspicious of intent. The idea sounds stupid frankly. Hiring hackers? Really! How about enough competent staff to prevent the problem? No, this sounds like another catastrophe in the making. While pardoning the banks, corporations, and credit unions for all wrongdoing, hiring hackers to boot is an invitation to further destruction.
Like (46)
Follow
Share
Michael.J.L's Opinion
···
11/04/2017
As a former IT/IS person the one thing I always told my clients is that if you want to make sure you are never hacked via the Internet don't connect to it. If someone wants to get into your system they will find a way. And systems can be hacked into directly....not via the Internet. The only way to mitigate it is to make sure all software and hardware vulnerabilities are kept patched and configured securely. Also, proper 24/7 monitoring is needed. Our government needs to have a robust, world-class IT/IS department fully funded, and work closely with software manufacturers to keep up-to-date on vulnerabilities, and out-of-date hardware and software need to be replaced. Also frequent testing of systems are needed. There is no excuse for our government computer systems to be as vulnerable as they are. Having outside white-hat hackers testing government system vulnerabilities gives me pause, as government employees fully-vetted would be better.
Like (38)
Follow
Share
    There are consulting services composed of “Black Hat” hackers that could be hired to find vulnerabilities. We should be outraged that this is just now being considered when in fact all government agencies should already be doing this. Let’s not forget the huge OPM hack that stole sensitive personal data on millions of people that hold security clearances and deal with our countries classified information. The government should introduce a new law requiring this for all government and federal agencies. They should also impose this on all credit handing services of consumer information like Equifax, Experian and TransUnion. It’s disappointing how often our government displays a lack of common sense. Where’s Al Gore now? Remember he claimed he invented the internet. IDIOT!
    Like (105)
    Follow
    Share
    If Congress understood anything about technology they would put their money in more IT Security Development instead of Defense Spending. Russia, China, Iran, and even North Korea spend a fraction of funds on their Defense Spending and run circles around our IT Security. Want to make America great again, invest in our intellectual human capital and less in this 20th Century Groupthink you have going on among your so called ‘conservatives’, which sounds more like remedial governance for high school drop outs.
    Like (94)
    Follow
    Share
    I think that we should have a full on Cyber-Security Bureau that should be constantly testing our governments computer systems for weaknesses and exploits.
    Like (70)
    Follow
    Share
    This is like spitting into the wind to fix a problem. Too little, too late, and sponsored by a Southern Republican which, sadly, makes me suspicious of intent. The idea sounds stupid frankly. Hiring hackers? Really! How about enough competent staff to prevent the problem? No, this sounds like another catastrophe in the making. While pardoning the banks, corporations, and credit unions for all wrongdoing, hiring hackers to boot is an invitation to further destruction.
    Like (46)
    Follow
    Share
    As a former IT/IS person the one thing I always told my clients is that if you want to make sure you are never hacked via the Internet don't connect to it. If someone wants to get into your system they will find a way. And systems can be hacked into directly....not via the Internet. The only way to mitigate it is to make sure all software and hardware vulnerabilities are kept patched and configured securely. Also, proper 24/7 monitoring is needed. Our government needs to have a robust, world-class IT/IS department fully funded, and work closely with software manufacturers to keep up-to-date on vulnerabilities, and out-of-date hardware and software need to be replaced. Also frequent testing of systems are needed. There is no excuse for our government computer systems to be as vulnerable as they are. Having outside white-hat hackers testing government system vulnerabilities gives me pause, as government employees fully-vetted would be better.
    Like (38)
    Follow
    Share
    The United States must get more tech savvy. Fast. The vulnerabilities exhibited by recent revelations by Equifax, Yahoo and seemingly countless others (who should have been protecting their customers but didn’t) should be a cautionary tale for our government. Especially when taken in the context of ongoing investigations into Russia’s interference in our country’s 2016 General Election. We need to close the holes in our country’s cyber security. A bounty system would bring to bear some of our brightest citizens to close these holes.
    Like (24)
    Follow
    Share
    With the importance of the security of the treasury, it is vital that our computer systems are as protected as possible. This low cost program is an important step.
    Like (17)
    Follow
    Share
    In the tech industry, programs like this have greatly improved cyber security.
    Like (14)
    Follow
    Share
    Yes. This system has been effective in finding potential entrances for hackers. Our government must do everything to protect our information.
    Like (8)
    Follow
    Share
    The Treasury like every business is responsible for the security of their systems, To pay a reward for finding bugs is tantamount to relinquishing their control of the security of their systems. In other words, they are admitting that they have neither the expertise nor experience to police their own system. It’s interesting that securing the nation’s election system is left to chance.
    Like (8)
    Follow
    Share
    This is a no brainier. People are going to find bugs - we want them to be on our side.
    Like (8)
    Follow
    Share
    This is an administration issue, not a legislative issue.
    Like (7)
    Follow
    Share
    This program seems unnecessary. Why doesn’t the Treasury put in the proper investments to make sure that their systems are secure? Staff at the Treasury should be constantly checking to ensure that their systems are as safe as possible from cyber attacks. Plus, even if you subject the participants of this program to background checks, it’s still an incredibly risky endeavor to allow these people to purposely hack the Treasury.
    Like (6)
    Follow
    Share
    There are people who would do this for free just to test their hacking skills and the fact that you’re putting this off till 2019 tells me how out of touch you are with the real world.
    Like (5)
    Follow
    Share
    I think the government should tread lightly on this issue for sure. But be a bit more decisive. Bring in experts. Invest more in Cyber security. But remember to respect Americans’ privacy.
    Like (5)
    Follow
    Share
    Every local state and federal agency that stores sensitive data should have one. Hospitals should have them. Educational institutions should have them. Crucial infrastructure and utilities should have them. Cyber warfare is here and we have only ourselves to blame if we’re hacked.
    Like (4)
    Follow
    Share
    This is a common and affective practice in the tech world, why not use it to protect taxpayers information.
    Like (4)
    Follow
    Share
    Agreed assuming there are no hidden provisions. White hat hackers are an asset and too many in the community have been charged by technically illiterate bureaucrats, destroying lived and ultimately weakening our digital infrastructure.
    Like (3)
    Follow
    Share
    This is the best way to discover security flaws. Pay well enough and people will find them and save us from future cyber attacks
    Like (3)
    Follow
    Share
    It can be a stepping stone to better infrastructure and security, but the government has to actually listen to the people first.
    Like (3)
    Follow
    Share
    MORE