Online Magazine
Ethical Hackers

Big ideas with a big impact – that's what episode 3 of the "Cat!apult" podcast is all about. Sandro Nafzger, CEO of the Swiss start-up Bug Bounty Switzerland, wants to contribute to the digitalisation of the country with ethical hackers.
by Tobias Imbach
"Bounty hunters" are not only part of the history of the American West, they also exist in virtual space today and - most likely - will do so even more in the future. Because if you find vulnerabilities in an IT system as part of a bug bounty programme, you can be richly rewarded. Bug Bounty Switzerland is doing pioneering work in Switzerland and offers "bug" hunters a platform so that they can earn money by finding vulnerabilities and security gaps in the IT infrastructures of Swiss companies without making themselves liable to prosecution.
One of the three founders of the start-up is Sandro Nafzger, who is convinced that digitalisation will only succeed if ethical hackers are involved. In the podcast, he talks about what drives ethical hackers, why mistakes can be a cause for jubilation, and why the IT industry (especially in Switzerland) needs to rethink its approach, and is indeed doing so.
SAID & NOTED
ERRORS AND BUGS ARE PART OF IT
BUGS ARE NOT BAD, BUGS ARE A GREAT OPPORTUNITY
A BUG BOUNTY PROGRAMME IS NOT A "NICE TO HAVE" OR ANOTHER POSSIBLE IMPROVEMENT, IT IS A GAME CHANGER
THE BUSINESS WORLD AND THE HACKING WORLD ARE COMPLETELY DIFFERENT - THEY NEED A MEDIATOR
WORKING WITH ETHICAL HACKERS DOES NOT CREATE AN ADDITIONAL RISK, THE RISK DECREASES SIGNIFICANTLY
THE HACKER HAS TO TRUST THE COMPANY MUCH MORE THAN THE COMPANY HAS TO TRUST HIM
WE OFFER HACKERS A LEGAL SAFE HARBOUR THROUGH A SET OF RULES AND DECRIMINALISE THEM
THERE IS NO ABSOLUTE SECURITY - SECURITY IS A CONTINUOUS PROCESS
SANDRO NAFZGER
Bug Bounty Switzerland, Lucerne
Sandro Nafzger is one of the founders and CEO of Bug Bounty Switzerland. He is an expert in bug bounty programmes and crowdsourced cybersecurity. He helps Swiss organisations to take their IT security to the next level so that their digital transformation succeeds. He led the Public Intrusion Test (PIT) for e-voting as overall project manager and set up the group-wide bug bounty programme of Swiss Post (as an external employee). In the process, he was instrumental in establishing the first Legal Safe Harbor for ethical hackers in Switzerland.