Leading crowdsourced security platform Bugcrowd has recently published its Inside the Mind of a Hacker Report, offering new analysis and insight on the digital bug hunting community. According to the third annual report, 81% of those in cybersecurity careers credited bug hunting in their experience and employability.
"Bug bounties have impacted my life by teaching me skills that I didn't know from doing traditional pentesting," said Phillip Wylie, a top performing security researcher for Bugcrowd based out of Texas. "I really enjoy being involved in the security and hacking community and I now teach ethical hacking at a community college. It's important to share knowledge in our community so we can push ourselves to be better."
According to this year's report, the Bugcrowd hacker community is a highly motivated group with 50 percent bug hunting on top of a regular nine-to-five job. They are focused on their infosec careers with nearly 32 percent wanting to be full time bug hunters, and more than 20 percent looking to be top security engineers or CISOs at large tech companies. While more than 80 percent have completed some form of higher education, with 25 percent completing or currently working on a graduate degree, nearly half (43 percent) are self-taught bug hunters who learned how to hack via online resources and blogs. The depth and breadth of this community is meaningful for an industry currently facing a massive skills shortage, with Cybersecurity Ventures predicting there will be 3.5 million cybersecurity job openings by 2021.
In this 2019 Edition, Inside the Mind of a Hacker went beyond demographics, skill sets and motivations and for the first time examined gender inequality, security education, and a deep dive into the Bugcrowd Elite, MVP and Top 50 researchers.
Key findings include:
"Cybersecurity isn't a technology problem, it's a people problem - and in the whitehat hacker community there's an army of allies waiting and ready to join the fight," said Casey Ellis, founder and CTO at Bugcrowd. "Bug hunting is a perfect entry point for would-be infosecurity professionals to gain real-world experience, as well as for seasoned professionals to hone their skills and supplement their income. With cybercrime expected to more than triple over the next five years, bug hunting addresses the dire need for security skills at scale."
Join us in Bangkok the 19th to the 22nd of March for the Property Portal Watch Conference.