One-fifth of all cyberattacks target the financial sector, a share that is widely expected to rise. As cyberattacks become more frequent, the quantification and measurement of cyber risk and uncertainty will become pressing issues for policymakers.
ZISC supported research from Hans Gersbach and Fikri Pitsuwan that discusses the benefits of ‘bug bounty’ programmes, in which external agents are invited to search for a system’s vulnerabilities (bugs) in exchange for rewards (bounty). The researchers describe how the programmes work, illustrate various ways to implement them, and suggest augmenting existing programmes by inserting artificial bugs to enhance the incentives.
Read the whole article here or dive even deeper and read the whole research paper: Artificial Bugs for Bug Bounty.