Bugcrowd CEO Ashish Gupta on crowdsourced cybersecurity and engaging members of new generations

CEO Ashish Gupta joined the Bugcrowd team two years ago, and while the company consists of 200 employees, there are hundreds of thousands of white hat hackers that work with it worldwide. Bugcrowd matches customers with the right hackers for their specific job. Ladders spoke with Gupta to hear about why it’s important to keep people involved in cybersecurity and why “ethical hacking” is so appealing to Millennials and Gen Zers.

How would you describe your management style?

“Transparent, collaborative, and invested. At Bugcrowd, we are in the business of trust and democratization of the security ecosystem. By creating a transparent environment, we drive our camaraderie and motivation to maximize the impact people can have within our company, our community, and our industry.

We also like to encourage our staff to think like hackers and create a creative and respectful learning environment where they can do their best work. We encourage people to take risks with the goal to expand their aperture – whether it be about their learning, their contributions, or their career aspirations.

Overall, our team works well together and drive results because they are aligned around the company mission, feel accountable to each other, and trust their colleagues which is crucial to building out a successful workforce.”

In your opinion, what’s the most difficult part of being a CEO?

“To the point above, it’s being able to continuously challenge and motivate an already determined, intelligent, and accomplished group of employees.”

Is your morning routine an important part of your day?

“Absolutely! I start with making my bed — first accomplishment for the day and ensures a comfortable bed to come back to at the end of the day. I’m out of the door pretty early, typically going to the gym and beating the traffic into San Francisco. Since I’m up and out early, I make sure that I call my kids before they go to school, most of the time getting them on speakerphone with a mouthful of cereal. Last, I always make sure to start (and end) the workday with zero unread emails and messages so I can focus on our team during the day and family in the evening.”

What’s the most interesting industry trend to you right now?

“Crowdsourced security of course! A cybersecurity market is a crowded place, with a lot of buzzwords being thrown around. But security is innately a human problem that’s been accelerated by technology. It’s going to come back to taking a layered approach to security where humans are a part of the solution.”

How does Bugcrowd stand out against industry competition?

“We don’t ask our customers to compromise. Bugcrowd consistently ensures efficiency and quality by unlocking the creativity of humans on a platform that maximizes their ability to have an impact. We truly democratize crowdsourced security for both the researchers and customers.

While we weren’t the ones to invent a bug bounty approach, we are the first company to offer a crowdsourced security platform that delivers fully-managed bug bounty, vulnerability disclosure, and Next Gen Pen Test programs.

Our platform is a big differentiator for us in supporting these programs. Based on seven years of program and Crowd insight, we’ve built standardized workflows to deliver security at scale by unlocking the abilities of the world’s most talented ethical hackers. The result, we have the highest signal to noise ratio when it comes to finding and fixing the most critical security vulnerabilities within our customer’s programs.

At Bugcrowd, we also understand the importance of matching the right researchers with the right programs. We automatically identify, verify, and match the right resources for every customer and project to ensure for the most successful programs and researcher engagement.”

Bugcrowd’s founder labeled cybersecurity as a human problem, not a technology one. Can you explain that?

“For as long as humans are writing software, developers and programmers are going to inadvertently make mistakes. This problem is perpetually accelerated by the pressure of speed to market. When humans unknowingly make coding mistakes, these mistakes can turn into vulnerabilities that can be exploited. That’s where Bugcrowd comes in, aiming to mitigate the fallout before these vulnerabilities are maliciously exploited by bringing human ingenuity back into the solution through our Crowd.”

Why do you think security research/ethical hacking is so appealing to Millennials and Gen Zers?

“The workforce of the future is driven by three important things: mission they believe in, working on something they have an impact on, and what they’re learning. It’s no longer only about making a living to support families and communities. Millennials are driven by purpose, not perks – and companies that don’t understand this will miss the mark altogether.

This is what makes ethical hacking so appealing — it ticks all the boxes. Our researchers have extremely unique skills that are suited to address key issues in the market. They have the same skills as the adversaries with the desire to do good, and in turn, are recognized and rewarded for their hard work.

Bug hunting also offers time flexibility and serves as a stepping stone in a long term career. Half of our hackers’ bug hunt on top of a normal 9 to 5, with 22% consider bug hunting to be their full-time profession. And 81% of hackers say their experience bug hunting has helped them get a job in cybersecurity.”

What can other industries learn about engaging members of these generations?

“I’ll take it back to three things:

  • Have a shared understanding and alignment around the mission. By clearly aligning on the company’s purpose, and how each employee fits into that bigger picture, you can better ensure an engaged workforce.
  • Focus on creating a continuous closed-loop workflow where all your stakeholders can contribute and benefit without friction.
  • Create an environment where someone can have an impact and continuously learn through open and collaborative discussions.”

How do you describe the company culture at Bugcrowd?

“Bugcrowd has five core principles: Build it as you own it, simple is strong, think like a hacker, respect is key, and unquestionably happy customers. We regularly hear from both customers and researchers that Bugcrowd feels like a family, and we strive to maintain that internally as well. We work together as a team, and together each achieves more.”

What advice would you give to someone interviewing at Bugcrowd?

“Three pieces of advice:

  • Do your research and create a point of view. We like to know that you’re coming in prepared, understand your audience, and are willing to challenge us because we believe in human creativity and the use of it solve everyday challenges and yes, to also make the digitally-connected world a safer place.
  • Connect the dots. Link your point of view to how you can enhance our company by connecting your experience and career aspirations to the impact you want to have in the world. We like to hear that passion.
  • Think like a hacker. We want to know that you can think outside of the box, like our Crowd, and highly value creativity and ingenuity.
    And a bonus never forgets the power of professional courtesies, such as a thank you note following your interview.”