Singapore to launch second bug bounty initiative with HackerOne

• Part of the ongoing commitment to build a secure and resilient Smart Nation
• The challenge will run over three weeks from December 2018 to January 2019

HACKERONE, the leading hacker-powered security platform, announced it will partner the Government Technology Agency of Singapore (GovTech) and the Cyber Security Agency of Singapore (CSA), to work with local and overseas hackers on a government bug bounty initiative to further protect Singapore citizens and help secure public-facing government systems.

With cyber-attacks growing in scale and complexity, the strategic bug bounty programme is part of the Singapore Government’s ongoing commitment to build a secure and resilient Smart Nation by strengthening collaboration with the cybersecurity industry and community. GovTech is the agency driving Singapore’s public sector digital transformation.

Following the success of a bug bounty programme with the Singapore Ministry of Defence (Mindef) earlier in 2018, this is HackerOne’s second bug bounty programme with the Singapore Government.

The bug bounty initiative will offer a select group of local bug bounty hackers a monetary reward, or bounty, for reporting valid vulnerabilities to GovTech so they can be safely resolved.

Bug bounty programmes are an industry best practice, implemented by public and private sector organisations across industries. The hacking challenge will run over a period of three weeks from December 2018 to January 2019 with the goal of finding security flaws in five public-facing government systems and websites.

By bringing together a community of cyber defenders who share the common goal of developing a safe and resilient cyberspace through the government bug bounty programme, the Singapore Government aims to build a shared sense of collective ownership over the cybersecurity of Government systems and websites, which is vital to achieve the country’s Smart Nation goals.

HackerOne was appointed as it has the largest credentialled global ethical hacker community and proven results with Mindef and other similar government organisations.

GovTech Singapore joins government agencies like Singapore Mindef, the US Department of Defense, US General Service Administration, and the European Commission who have selected HackerOne to leverage on the global hacker community to surface vulnerabilities before they were exploited by criminals.

Other organisations that have adopted the bug bounty model include companies like Google Play, Nintendo, General Motors, Starbucks, and others.

"Singapore is again setting an example for the rest of the world to follow by taking decisive steps towards securing their vital digital assets," said HackerOne chief executive officer Marten Mickos.

"Only governments that take cyber-security seriously can reduce their risk of breach and interruption of digital systems. Singapore's continued commitment to collaboration in cyber-security is something that will help propel the industry’s progress just as much as it will contribute to protecting Singapore citizen and resident data."