The NCCC completes the first stage of implementing the “Bug Bounty Pilot Project” for critical infrastructure entities
As part of the first stage of the “Bug Bounty Pilot Project”, more than two dozen employees of critical infrastructure facilities and the public sector took a five-day practical advanced training course on testing to bypass the security (pentest).
Overall, the Project consists of six main stages, the next of which will be the practical application of the acquired skills, namely the search for vulnerabilities in networks and information systems of critical infrastructure and government institutions whose employees took the course. That is why the National Coordination Center for Cybersecurity at the National Security and Defense Council of Ukraine together with the Representation of the US Civilian Research and Development Foundation (CRDF Global) will provide participants with the necessary equipment and software. Based on the results of the identified vulnerabilities, it will be possible to take prompt response measures.
Within the framework of this Project, it is also planned to work out mechanisms for conducting audits and pentests of information systems, networks of state bodies, and critical infrastructure facilities to minimize the risks of cyber threats.
According to Deputy Secretary of the NSDC of Ukraine Serhiy Demedyuk, the “Bug Bounty Pilot Project” implementation program is the first of its kind in Ukraine for the public sector and critical infrastructure facilities.
“The lack of the possibility to legally test vulnerabilities in the perimeter of information systems has significantly hampered more effective protection of Ukrainian state networks. We have high hopes for this project”, - Serhiy Demedyuk stressed.
It bears reminding that on November 9, the NCCC at the NSDC of Ukraine, with the support of the CRDF Global, launched training for cybersecurity specialists as part of the “Bug Bounty Pilot Project”.
Reference:
The “Bug Bounty Pilot Project” is being implemented on the basis of the National Coordination Center for Cybersecurity at the NSDC of Ukraine with the support of the US Department of State through the independent non-profit organization CRDF Global.