HomeInterviewHackathons pave the way for a security-first mindset in the workforce

Hackathons pave the way for a security-first mindset in the workforce

In an era marked by evolving technological progress, hackathons have emerged as an innovative tool for businesses with industry leaders and policy-makers deploying it as a business strategy. More than 80% of Fortune 100 companies leverage hackathons as a strategy to fuel innovation, with over half of these hackathons being recurrent events, only signalling their effectiveness.

Clearly, hackathons have many advantages over traditional innovation management processes. Hackathons are inclusive and agile, promote multidisciplinary collaboration, and help businesses innovate at the pace necessary to address the fast-changing technology landscape. They are instrumental in de-risking product development, improving employee engagement and retention, accelerating problem-solving, enhancing collaboration between business functions, bringing about cost savings through R&D, but more importantly, instilling a culture of preventive security, where security is a concern for the organisation as a whole. In this interview with FYI9, Scott Caveza, Staff Research Engineer at Tenable, discusses why organizations must leverage hackathons for better security.

Prateek: How do hackathons help organizations in supporting/enhancing their security outlook? Cite instance (if any).

Scott Caveza: When it comes to software, only some people possess the knowledge of the product compared to the teams responsible for its design and support. Organizations that take advantage of hackathons can tap into their internal teams’ unique skill sets and diverse backgrounds to identify potential vulnerabilities or issues in design and implementation. In examining security advisories from major companies such as Microsoft, vulnerabilities are often attributed to internal teams.

Prateek: With rapid innovation in cloud and AI, the cybersecurity landscape has become more complicated with criminals becoming smarter than ever before. How could hackathons augment the capabilities of companies’ internal security teams to identify and fix vulnerabilities?

Scott Caveza: An organization’s cybersecurity extends beyond the internal security team. Engaging development teams in exercises like hackathons can instill a preventive mindset toward identifying and addressing security threats effectively. Secure software development should be a forethought rather than an afterthought. This can be initiated by engaging development teams with security experts to help them understand how vulnerabilities are found and exploited.

Prateek: What other benefits do such security hackathons offer?

Scott Caveza: Beyond looking for vulnerabilities, a hackathon can help identify workflow and usability issues. Multiple business units can participate and identify bugs or situations that might provide a poor user experience within the same hackathon. Through these hackathons, organisations can identify new talent and skills as well as opportunities for cross-training to not only build a better product, but a more secure one.

For any interview, exclusive authored article, or product launch write to us at pr@fyi9.com

Must Read