Header image

Meet the man with 1.7 mn hackers on his books

Mårten Mickos, CEO of HackerOne, talks to SC Media about his relentless hunt for 'good hackers' 

Hackers are often portrayed in a negative light. The current Mirror Group phone hacking trial is a case in point. But there are positive examples too, such as recent reports about Ukrainian hackers fighting a cyber war with Russia.

According to Mårten Mickos, CEO of HackerOne, a security and bug bounty platform, ethical hackers are about to rise to “even greater importance” in a world of deep fakes and rising identity theft.

And with 1.7 million ethical hackers on his books ­­– discovering over 65,000 software flaws in companies such as Grammarly, Zoom, PayPal and Google – Mickos knows what he talking about.

As global geopolitical hacking fears scale new heights, Mickos is confident that the global number of ethical hackers outweighs criminal targeting the west, from countries such as Russia, Iran and China.

“It’s safe to say, as an estimate, there are still more ethical hackers than criminals. Even if there are 100,000 criminal hackers in China, that remains the case,” Mickos tells SC Media UK.

“There are more good people than bad people – it’s a race against time. It will soon become difficult to discern what’s real and what’s not with the rise of deep fakes. So authentication and fact checking will become routine.

“In the past, we might have laughed at poorly-constructed phishing emails from Nigeria but ChatGPT will write beautiful, personalised messages. Deception will rise to a whole new level.”

Mickos says ethical hackers are set to play an increasingly critical role in global defence.

“As well as finding bugs, they will be ready to do the work to find algorithmic bias and AI hallucinations,” he explains.

So, what does a hacker look like?

Mickos says the stereotype of a male hooded-hacker in a basement may not be entirely fabricated.

“Most stereotypes are built on at least a grain of truth. The cliche of the white male is true to a certain extent. Half of our hackers are 24-years or younger and most of them are men.

"The majority hail from markets with good STEM education and pervasive internet, such as India, South America, North Africa and even Turkey.”

The defining characteristic of a hacker is ‘curiosity’, says Mickos.

“They just want to figure it out. Hackers get so much criticism in the press but they are very pure people – I don’t even know an unethical hacker. They are the most idealistic people on the planet."

Ethical hackers don’t receive salaries as such, but rewards or ‘bounties’ for finding bugs and vulnerabilities. They often look for bugs outside the realm of their standard pay check job, says Mickos.

HackerOne has doled out $250 million in rewards since its inception in 2015.

The bug-hunting company, which has around 3,000 customers, expects to see its client base ramp up in the coming years.

“The reality is we have a frightening model – people don’t want to know about their weaknesses. Once they realise they have a problem, they know they have to fix it. But reality needs to be faced to build resilient defences.”

Upcoming Events


How to Automate the Lifecycle of Joiners, Movers, and Leavers With No-Code Solutions

Streamlining the lifecycle of joiners, movers, and leavers using no-code automation

The process of onboarding new employees and quickly removing departing staff profiles can be both time-consuming and labour-intensive.
In this live webinar, we will look at how to streamline these processes to save time and resources, and providing a smooth experience for both admins and employees.

Key takeaways:
  • Understanding the importance of securing the joiners, movers and leavers process
  • Exploring successful attacks that occurred due to errors in managing these transitions
  • Discover which advanced controls can be utilized
image image image