- Big bank NAB will reward people who find vulnerabilities in its systems under a new program.
- The bug bounty program was created in partnership with crowdsourced security company Bugcrowd.
- It’s designed to further boost NAB’s own cybersecurity systems.
NAB is offering a reward to people who find vulnerabilities in its systems.
The big bank partnered with crowdsourced security company Bugcrowd to launch a cyber bug bounty program in a first for an Australian bank.
Under the program, NAB will reward vetted security researchers who are able to find previously undisclosed vulnerabilities in its network. Those who participate, however, have to have an ‘Elite Trust Score’ on the Bugcrowd platform.
NAB Executive Enterprise Security, Nick McKenzie said in a statement that using a controlled crowdsourcing system would help the company further strengthen its own cybersecurity methods.
“Controlled, crowdsourced cybersecurity brings together uniquely skilled testers and security researchers with fresh perspectives to uncover vulnerabilities in our defences that traditional assessment might have missed,” he said.
“Proactive cybersecurity measures are vital in today’s hyperconnected environment where new threats are constantly emerging.”
McKenzie added that diversity is an important yet often overlooked factor when it comes to security strategies.
“Moving to a ‘paid bounty’ gives us the ability to attract a wider pool of ethically-trained security researchers from across the globe,” he said.
NAB added that the researchers won’t have access to any customer information and the program won’t affect the customer banking experience.
The program comes after NAB CEO Ross McEwan said at a panel in September that NAB faces tens of millions of cyber attacks every month.