HB 328 Hack Your State Department Act

About HB-328

Requires the Department of State to design, establish, and make publicly known a Vulnerability Disclosure Process to improve cybersecurity. In establishing the process, the State Department must identify which information technology should be included, determine whether the process should differentiate among and specify the types of security vulnerabilities that may be targeted, and provide a readily available form and means of reporting, amongst other requirements. The bill requires the State Department to establish a bug bounty pilot program, where an approved individual, organization, or company is temporarily authorized to identify and report vulnerabilities of internet-facing information technology of the State Department in exchange for compensation.