According to Casey Ellis, CTO and Founder of Bugcrowd, leveraging outside researchers is key in getting ahead of attackers.
Ellis tells Digital Journal: “The iOS Security Research Device program is a step in the right direction for Apple”. The basis for this is because despite rumours to the contrary, iPhones are just as vulnerable to cybersecurity exploits as Android devices. Being a U.S. company makes Apple a particular target for nation-state-backed attackers. Hence, Apple is looking at all areas for a security boost.
Ellis thinks the measures put in place are useful, and notes further: “To proactively identify and close vulnerabilities in their products before they can be exploited by bad actors, both before and after products are brought to market, organizations should take a page out of Apple’s playbook and work with outside researchers.”
With this Ellis says that a proactive approach is important: “Speed is the natural enemy of security in software development, and no organization is safe, even companies with in-house security teams.” Putting new measures in place is therefore a priority.