Earlier this month, I had the privilege of attending Bugcrowd’s North America Customer Advisory Board Meeting, just outside of San Francisco, California. It was an incredible opportunity to engage in interactive discussions with the leaders of some of our wonderful customers. 

Engaging with customers is easily one of my favorite parts of my role as Chief Revenue Officer here at Bugcrowd. I find that I learn so much in these conversations. Bugcrowd customers are incredibly vocal, and I value their honest, thoughtful, direct feedback.

I want to take the opportunity to share some of my biggest takeaways and learnings from the meeting so we can all continue to benefit from the expertise of the security leaders in the room. 

Takeaways from Bugcrowd customers

Making AI conversations actionable

Everyone is hopping on the AI bandwagon, but how do customers get past the hype and find meaningful conversations about how AI is being used across different companies to strengthen their security programs? 

For all of the conversations happening around AI, many cybersecurity program priorities aren’t changing fast enough. At this point, AI adoption mostly comes in the form of embracing AI embedded into security tools and technologies. Although using AI as a tool is still advancing, it’s important to consider AI as a target and AI as a threat. AI adds significant new vulnerabilities to the attack surface involving security, ethics, and behavior, with the risk often amplified by deep integration with other systems. Bugcrowd AI Bias Assessments and AI Pen Testing can help with this. 

Creating opportunities to work closely with the hacking community

Bugcrowd’s CISO, Nick McKenzie, recently wrote a piece about the unlikely romance between hackers and CISOs. In my conversations with CISOs, I hear an increased desire to build stronger bridges between the hacker community. This desire goes beyond engaging with hackers on bug bounty programs—it includes truly investing in hackers. Most hackers work full-time security roles and are actively working to gain more skills. As they continue to up-level their skills, we all reap the benefits. 

Finding the right hacker skillset is crucial 

We talk a lot at Bugcrowd about our CrowdMatch technology, but I found that many conversations during the meetings came back to the importance of finding the right skills for hackers and pentesters. This is especially true for the emerging AI attack surface, where niche skills are often required. 

Bugcrowd customers know how to have fun

After a fantastic day of collaborating, we decided to see if our collective security skills transferred over to…the kitchen! We ended the evening with an interactive cooking class at the award-winning Cavallo Point Cooking School. It turns out that you can have some of the most talented CISOs in the world in one room, but throw on an apron, and you’ve got some pretty amazing chefs as well. 

In the end, I believe that these Customer Advisory Boards represent exactly what we’re all about here at Bugcrowd. They bring security minds together and allow us all to collaborate for the greater good. By swapping knowledge and sharing experiences, we can continue to make improvements that enable organizations to beat threat actors to the punch.