Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

Uber breach sheds light on how companies use ‘bug hunters’

Joe Mont | February 13, 2018

Cyber-security gets more complicated by the day. Companies face evolving technology, a regulatory hammer, and the complexity of breach notification rules that vary state-by-state.

There are also tough ethical decisions to consider. When does the transparency of breach disclosure become an invitation and blueprint for other hackers?  Should you pay the hackers behind a ransomware attack or adopt a “we don’t negotiate with terrorists” philosophy? Where, and how, does the line blur between “white hat” and “black hat” hackers? Are so-called “bug bounties” a viable security initiative, or a slippery slope?

Touching upon these debates is Uber, the app-enabled ride-sharing service as well known for its bad behavior as its phenomenal growth and forthcoming IPO. In recent months, it has batted down allegations of sexual harassment, unfair surge pricing, raped riders, sexual harassment within a divisive company culture, underpaying drivers, and allegedly stealing autonomous...

Buy this article for $49, or subscribe to Compliance Week for a month at $149 and get unlimited article access for 30 days.