Web: https://www.reddit.com/r/cybersecurity/comments/viroyc/brainstorming_ideas_for_positive_incentives/

June 23, 2022, 8:04 a.m. | /u/173827

cybersecurity reddit.com

Hi, I'd love to hear some ideas for positive incentives to ensure better security posture.
Currently we mainly focus on "shame in front of the board" aka escalation if people don't do their pentests, fix findings on time, patch their stuff without unnecessary delays etc.

I would like to introduce positive incentives instead.

Examples I came up with so far (rough drafts without thinking about detailed definition though):

Product with the lowest aggregated severity will get the next pentest paid …


Collection Network Penetration Test Engineer TS SCI/Poly Eligible

@ Sixgen Inc. | United States

Senior Infrastructure Security Engineer

@ Angi | Toronto, ON - Remote

Senior Security Operations Engineer

@ Axiom Zen | Remote

Endpoint Protections - Security Research Engineer II

@ Elastic | United States

Senior Cyber Security Engineer

@ Evaluate | London, England, United Kingdom

Device Security Lead

@ Worldcoin | Berlin ; Erlangen ; New York ; San Francisco