You might think of TikTok as the place to go to find out new recipes and laugh at silly videos. And as a cybersecurity professional, TikTok’s potential data security issues are also likely to come to mind. However, in recent years, TikTok has worked to promote cybersecurity through its channels and programs. To highlight its efforts, TikTok celebrated Cybersecurity Month by promoting its cybersecurity focus and sharing cybersecurity TikTok creators.

Global Bug Bounty program with HackerOne

During Cybersecurity Month, the social media platform shared the results of its bug bounty program. In 2020, TikTok partnered with HackerOne and launched its Global Bug Bounty program, which encourages security researchers to report TikTok vulnerabilities. Over the past four years, over 450 security researchers have found 1,000 security vulnerabilities that were then sent to TikTok security teams. The program also awarded over $1.6 million in bounties to researchers.

As part of the program, TikTok launched its first live hacking in August, which included over 50 researchers in 29 countries. This wasn’t a boring event in a conference room, but rather a big stage with lights in Vegas that created an exciting atmosphere for attendees. A live leader board was the centerpiece, with the bounty rising and constant “cha chings” that hackers called the sound of money. To add to the energizing vibe, TikTok awarded over $720,000 in bounties.

Top TikTok cybersecurity creators

Surprisingly, the social media platform also hosts numerous creators who actually focus on promoting cybersecurity and educating users on good online habits — both on TikTok and beyond. Here are two of TikTok’s top cybersecurity creators:

Kevin @adjacentnode

Kevin works as a network engineer for Hillsborough County in Florida, where he manages the network and works to improve the jurisdiction security posture. He takes a straightforward approach, talking to the camera and sharing his content that is relatable and straight-to-the-point — no worries about overly long videos on his feed. And you know he’s serious when he dons both his signature black baseball hat plus his glasses at the same time.

In addition to network engineer content, such as his unboxing video of Flipper Zero and the top 5 things network engineers should have in their bags, he has a heavy cybersecurity focus. For example, he shares his inside secrets for cybersecurity, such as discovering new scripts in Open Port, and even pokes fun at himself for not knowing this sooner. He also does a fabulous job of explaining complex security topics that even non-techies can grasp, with his Man in the Middle Tutorial achieving standout status. And his video about why you shouldn’t trust free public Wi-Fi — complete with his signature hat on backward — does a great job visually showing people how easy it is to compromise data and devices. His hands-on demonstrations with his dramatic flair make the videos both interesting and informative. While his creepy hacker replication is on the cheesy side, his video about social engineering delivers in a lighthearted manner the important message that you are your own biggest cybersecurity risk.

But it’s not all #techtok on Kevin’s feed. While not exactly cybersecurity-focused, Kevin’s how-to-dress-like-an-office-IT siren video is spot-on and hilarious. And we promise that you will at least crack a smile at his workout video for network engineers.

Marcus @itsmarcushutchins

While you may never have known Marcus Hutchins’ name, he’s credited with stopping the WannaCry ransomware attack by registering a domain that activated a kill switch. A pinned post on his account shares honestly about how his life became derailed after saving the internet and then ending up in jail. Now, since his expectations of staying an anonymous blogger with a side job as a corporate VP are in the past, he shares his cybersecurity knowledge with others — both fellow cybersecurity professionals and nontechnical users — with his TikTok channel. While his videos are pretty straightforward in production, he adds some funny videos and captions that successfully straddle the line between cheesy and funny.

With his distinct British accent and down-to-earth manner, Marcus is refreshing to listen to, and you feel like your techy friend is explaining things to you in a coffee shop. Marcus really shines when he breaks down current attacks in a way that isn’t either full of media hype or tech jargon. Both his videos about the CrowdStrike Outage and the AT&T Database highlight Marcus at his best.

His multi-part series on how hackers use keyless entry to steal cars really breaks a complicated concept — relay attacks — into understandable terms. Marcus also provides consumer-type cybersecurity information, such as why you should not buy a cheap Wi-Fi security camera, whether others can see your search history from Wi-Fi and which smartphone is safest from hacking. While not directly about cybersecurity, his explanation about why he waits to adopt brand-new technology provides great food for thought about the benefit of understanding manual processes first.

Based on his career path as being both a white hat and a black hat hacker, he also provides his point of view on some often-discussed topics, such as the legality of teaching hacking and when writing malware becomes a crime. Marcus also tries to give back to newer professionals on his feed by sharing cybersecurity career advice. Because it’s often challenging to get hired as an entry-level engineer, he provides practical information on gaining the skills of a senior engineer without the official job title. 

TikTok and cybersecurity

In recent years, TikTok has focused on improving its cybersecurity and also hosts many cybersecurity content creators. However, the social media platform still has legitimate security concerns to keep in mind. By following cybersecurity best practices while using the channel, creators and viewers can both learn about cybersecurity and watch fun music videos in the same sitting.