How Maryland’s bug bounty hackers found cyber vulnerabilities the state couldn’t

On the latest episode of StateScoop’s Priorities podcast, Maryland’s Senior Director of State Cybersecurity Lance Cleghorn talks about the state’s first bug bounty program, which saw white-hat hackers discovering over 40 vulnerabilities on the state’s websites. Cleghorn says the program was inspired by a similar program called “Hack the Pentagon,” that he and Maryland’s chief information officer, Katie Savage, ran when they worked together at the Department of Defense’s Defense Digital Service — which is part of the reason Cleghorn says he followed Savage to Maryland’s Department of Information Technology. Cleghorn also shares his perspective about why bug bounty programs are so successful as opposed to other methods of finding cybersecurity vulnerabilities, and offers insight into the future of bug bounty programs in the state.

New episodes of StateScoop’s Priorities Podcast are posted each Wednesday.

For more of the latest news and trends across the state and local government technology community, subscribe to the Priorities Podcast on Apple Podcasts, Google Podcasts,Soundcloud or Spotify.