BSides Cape Town 2025

Harry Grobbelaar

As the CRO at Intigriti, Harry leads the revenue functions that drive growth. With over 20 years of cybersecurity experience and a deep technical background in security testing, adversary simulations and incident response, he has led numerous projects for multinational organisations, with a focus on the financial services and telecoms sectors across Europe, the US, Singapore and Africa.
As part of the early founding team at MWR InfoSecurity in 2004, he had a front-line seat on the global expansion rollercoaster of MWR, from a small startup in the UK to an international research-led security consultancy, until MWR's acquisition in 2018.
Harry joined Intigriti in 2020, at an exciting time as Intigriti moved from startup into its scale-up phase and bug bounty and crowdsecurity started to become more mainstream.


Session

12-06
14:35
45min
Hackers Hunt, Execs Fund: Measuring the ROSI of Bug Bounty Program to Win the Business Case
Harry Grobbelaar

Security teams often need to balance what they want to implement against the security budgets available to them, and they run into the question “What is the ROI?” when selling the value to the business.

This talk bridges the gap between hacking and the boardroom by showing how to measure the Return on Security Investment (ROSI) of a bug bounty program.

Using real breach cost data from IBM, attack vectors from Verizon’s DBIR, insights from security maturity frameworks, and data from global bug bounty programs, this talk will walk you through a methodology to translate vulnerabilities into financial impact, avoided losses, and strategic value. Attendees will leave with a practical framework and examples they can use to justify, defend, or expand a bug bounty program inside their own organizations.

Track 3