Connect with us

Hi, what are you looking for?

HEADLINES

Secuna offers free services to help gov’t agencies, SMEs beef up cybersecurity

“Governments and non-governmental organizations can run vulnerability disclosure programs (VDP) through the Secuna platform for free. They can also run bug bounty programs (BBP) for free, with no platform subscription, if they want to incentivize security researchers for reporting a valid bug,” said AJ Dumanhug, CEO of Secuna.

In response to the rising cybersecurity threats in the Philippines, Secuna, the first and the only crowdsourced cybersecurity testing platform in the country, is offering its community of security researchers to provide free bug bounty and vulnerability disclosure programs to help the government agencies and private organizations better their security capabilities.

“Governments and non-governmental organizations can run vulnerability disclosure programs (VDP) through the Secuna platform for free. They can also run bug bounty programs (BBP) for free, with no platform subscription, if they want to incentivize security researchers for reporting a valid bug,” said AJ Dumanhug, CEO of Secuna.

A VDP is a structured method for third parties, researchers, and ethical hackers to report vulnerabilities easily. The program provides a straightforward method to communicate findings and to show customers and investors that they take security seriously. It gives organizations a chance to develop a patch and disclose the issue once a solution is ready. This approach follows the international standard ISO/IEC 29147:2014 for vulnerability disclosure.

Ethical hackers disclose vulnerabilities for both VDP and bounty programs. The key difference is that bug bounty programs include rewards or incentives to encourage cybersecurity professionals with a wide range of skill sets and experiences to find, identify, and report potential vulnerabilities.

Advertisement. Scroll to continue reading.

In BBP, no money changes hands until the vulnerability is validated and determined to be compliant with the terms specified on the policy page of the program, and the payout is based on the severity of the reported vulnerability. Bug bounty programs can either be open or private.

While bug bounty and vulnerability disclosure programs are already standard security procedures in the private sector, there’s still much work to be done to strengthen the country’s defenses against the proliferation of malicious cyber-attacks and data breaches that could lead to national risks.

The website of Secuna outlines the broad set of its features and provides guides and other resources for putting these free cybersecurity tools to best use. Secuna encourages government agencies and SMEs to contact them to assess and help them implement the best cybersecurity practices.

“They only need to set up a policy on our platform which contains rules, a target list, and a list of acceptable vulnerabilities. Then they will launch their VDP or BBP so that the vetted community of researchers in our platform can start looking for vulnerabilities and report them accordingly. These are free trial services and have no limits,” said Dumanhug.

AMPLIFYING CYBERSECURITY AWARENESS AND READINESS

Advertisement. Scroll to continue reading.

Six years after the country’s cybersecurity framework was launched, the country remains at Level 1, meaning “no standardized processes are in place”, in terms of awareness and communication, and cybersecurity skills and expertise. 

Moreover, the COVID-19 pandemic has aided in increasing reliance on digital channels, and it has also attracted bad actors as online scams have increased.

Just last year, the Philippines ranked fourth in Kaspersky’s global ranking of countries most targeted by web threats. 

Dumanhug warned that cyberattacks are expected to become more complex in a few years.

“We have to act quickly by implementing programs that are already available to us. Cyber attackers are now using new technologies like artificial intelligence that’s why private organizations, SMEs, and the National Government should also take advantage of the technologies we have to keep up with the attackers,” he noted.

Advertisement. Scroll to continue reading.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

With the e-Commerce market projected to hit $24 billion by 2025, foodpanda sees significant growth potential in the local digital space.

HEADLINES

Emperador’s move to cashless payments reduces cash-handling risks, improves transaction speed, and enables the sales teams and retailers to focus on business growth and...

HEADLINES

inDrive gave away more than Php 1.1 million worth of rewards to its partner drivers which included a Honda ADV 160 motorcycle as the...

HEADLINES

A leveled-up 5G connectivity, Smart 5G Max features significantly faster speeds for uploading and downloading, and ultra-low latency, providing customers with amazing mobile experiences.

HEADLINES

The project is expected to increase Asialink’s total loans to SMEs from Php 8.8 billion (around $150 million) to around Php 13 billion, with...

HEADLINES

The partnership enables MCU to integrate Fortinet’s Network Security Expert (NSE) training and certification program into its academic offerings, either as part of the curriculum or...

HEADLINES

Leveraging a robust "Cloud + AI" development strategy, Alibaba Cloud has witnessed substantial growth in external client revenue.

HEADLINES

Introduced in the country in August 2022, Skyro offers one of the most flexible product loans in the country.

Advertisement