Federal Council engages Bug Bounty Switzerland AG for IT security
Bern/Lucerne - The National Cyber Security Center has commissioned Bug Bounty Switzerland AG to carry out hacker programs. The first program in which ethical hackers will be tasked with exposing vulnerabilities in Federal Council applications and systems is set to begin this year.
The National Cyber Security Center (NCSC) based in Bern is teaming up with Bug Bounty Switzerland AG from Lucerne to carry out bug bounty programs in connection with Federal Council administration systems. The Federal Council, the Swiss federal government, has created a central platform for bug bounty programs for this purpose. Within the framework of such programs, ethical hackers are tasked with uncovering program errors and gaps in the IT systems and applications of the federal administration, thereby increasing the security of the Federal Council’s IT infrastructure, further details of which can be found in press release.
“Security gaps in IT systems are among the most common gateways for cyber-attacks. It is therefore all the more important to discover and rectify weak points as quickly as possible”, the press release states. As part of bug bounty programs, ethical hackers look for vulnerabilities (bugs) and receive rewards (bounties) depending on the severity of the vulnerability.
The Federal Council was able to gain initial experiences in this area as part of a pilot project in spring 2021. At that time, security researchers looked for security vulnerabilities in six IT systems of the Federal Department of Foreign Affairs and the Parliamentary Services for any security gaps.
Bug Bounty Switzerland has experience with bug bounty programs since 2015. In February 2021, the company launched the first bug bounty platform across Switzerland as a whole and can call upon an extensive community of ethical hackers.
