April 15, 2021


Connecting People

NAB crowdsources cyber security with bug bounty program – Finance – Strategy – Security

The National Australia Bank on Friday released a bug bounty system in partnership with crowdsourced cyber protection system Bugcrowd to strengthen its cyber posture.

Vetted protection researchers with an ‘Elite Believe in Score’ on Bugcrowd will be able to get the job done in stay environments to support check the bank’s protection.

NAB is the first of the ‘Big Four’ banks to involve a bug bounty system in its protection system as part of a proactive response to an era of ‘hyperconnectivity’ where new threats are regularly emerging, NAB govt company protection Nick Mckenzie reported.

He reported the managed crowdsourcing strategies would provide new perspectives to the bank’s cyber practice and benefits protection researchers who uncover earlier undisclosed vulnerabilities at the lender.

“Controlled, crowdsourced cyber protection provides collectively uniquely expert testers and protection researchers with clean perspectives to uncover vulnerabilities in our defences that traditional assessment may well have skipped,” McKenzie reported in a statement.

“Diversity is a vital but normally neglected aspect in protection and controls methods.

“Moving to a ‘paid bounty’ gives us the capability to attract a broader pool of ethically-properly trained protection researchers from across the globe,” he reported.

Bugcrowd CEO Ashish Gupta reported the partnership with NAB would support increase on its current protection system.

“In addition to being a person of the first in Australian banking to use the energy of a crowdsourced protection design, NAB has deployed an remarkable layered protection tactic that is now complemented by Bugcrowd’s group of protection researchers and system which assists in locating protection vulnerabilities more quickly and gather actionable insights to increase their resistance to cyber attacks,” Gupta reported.

Scientists working in NAB’s stay environments won’t have obtain to any consumer facts, the lender reported, and actions will not influence customers’ banking practical experience.

Other monetary establishments to run bug bounty courses with Bugcrowd involve Mastercard and Jack Dorsey’s payments processing company Square.