With cyberattacks growing in scale and complexity, Singapore has decided to try and put itself ahead of the game with a strategic bug bounty program. The initiative is part of the government’s movement towards building a secure and resilient Smart Nation.
To that end, the Singapore government has been seeking to strengthen collaboration with the cybersecurity industry and community. These activities will be undertaken through its agency for public sector digital transformation, GovTech.
Earlier in 2018, there was a successful bug bounty program run in collaboration with the Singapore Ministry of Defence (MINDEF). Now, with partner HackerOne, GovTech is launching a second bug bounty program.
Bug Bounties offer experts in the field a chance at monetary rewards (the ‘bounty’) for reporting valid vulnerabilities to GovTech. This results in a wider testing field, so to speak, with the aim towards strengthening cryberdefences.
The bug bounty will be run over a period of three weeks from December 2018 to January 2019 with the goal of finding security flaws in five public-facing government systems and websites. HackerOne will be working with GovTech and the Cyber Security Agency of Singapore (CSA) on the project.
By bringing together a community of cyber defenders who share the common goal of developing a safe and resilient cyberspace through the government bug bounty program, the Singapore Government aims to build a shared sense of collective ownership over the cybersecurity of Government systems and websites, which is vital to achieve the country’s Smart Nation goals.
HackerOne has in the past successfully worked with other government organizations on similar activities, such as Singapore’s MINDEF, the US Department of Defense, US General Service Administration, and the European Commission.
“Singapore is again setting an example for the rest of the world to follow by taking decisive steps towards securing their vital digital assets,” said Marten Mickos, CEO HackerOne. “Only governments that take cybersecurity seriously can reduce their risk of breach and interruption of digital systems. Singapore’s continued commitment to collaboration in cybersecurity is something that will help propel the industry’s progress just as much as it will contribute to protecting Singapore citizen and resident data.”