Winterthur/Lucerne - Bug Bounty Switzerland and Zurich University of Applied Sciences (ZHAW) are jointly carrying out research with the aim of making cyber protection accessible to SMEs and public authorities. The focus of this project is on alternative financing models and non-monetary incentives for ethical hackers.

Together with the Lucerne-based firm Bug Bounty Switzerland, Zurich University of Applied Sciences (ZHAW) is keen to expand the platforms hosted in Switzerland by Bug Bounty Switzerland into a Swiss ecosystem for holistic IT vulnerability management and digital trust. The aim here is to connect ethical hackers with public authorities and suppliers as part of a continual information security process, further details of which can be found in a press release issued by Bug Bounty Switzerland. According to information from the company itself, the Bug Bounty Switzerland team consists of the “pioneers who have set up all known Bug Bounty programs in Switzerland”.

This ecosystem should also be accessible and affordable for small and medium-sized enterprises (SMEs), micro-organizations and public administration bodies. After all, as Peter Heinrich from the Center for Process Management & Information Security at the ZHAW School of Management and Law explains, “if the digital transformation in Switzerland is to succeed as a whole, we must not neglect SMEs and the public sector in terms of security”.

A Bug Bounty program is a program advertised by a company or organization that offers rewards such as cash or non-cash prizes for discovering vulnerabilities in software, applications or internet services. It is aimed at IT security professionals, otherwise referred to as ethical hackers, and forms part of the respective company or organization’s security strategy.

As part of a preliminary study, the focus is now on finding out which alternative financing models and non-monetary incentives are conceivable for ethical hackers. In addition, the complexity of the method should be further reduced. It is also important to involve external providers who take care of the management of the IT systems. Finally, the study will also aim to explore to what extent a community of Bug Bounty users could be useful in terms of exchanging knowledge and experiences both with each other and ethical hackers.

Contact us

Can we put you in touch with a peer company or research institute? Do you need any information regarding your strategic expansion to Switzerland's technology and business center? Give us a call or drop us a line. 

+41 44 254 59 59