What infosec pros need to know before conducting a bug bounty program

Hospital information security teams should consider implementing bug bounty programs to detect and report on network vulnerabilities. Bug bounty programs have proven to be effective in finding and fixing vulnerabilities. Approaching infosec work carefully and structuring the program in a way that protects the organization and patient data is important. Bug bounties can augment in-house security staff and validate in-house security efforts. Healthcare organizations can benefit from crowdsourcing security solutions to expand resources. Security officers need buy-in from all executives, as data security is a concern for everyone.