realestatebusiness logo

Subscribe to our newsletter

NAB sets up ‘bug bounty’ cyber program

The major bank has partnered with a crowdsourced security company to establish a “bug bounty” cyber security program.

National Australia Bank (NAB) has announced the launch of a bug bounty program through its partnership with Bugcrowd, a crowdsourced security company.

Said to be the first program of its kind in Australian banking, NAB will reward vetted security researchers who uncover previously undisclosed vulnerabilities in NAB’s cyber environment.

According to NAB executive enterprise security, Nick McKenzie, using controlled crowdsourcing methods would assist NAB to further test its existing cyber security capabilities.

“Controlled, crowdsourced cyber security brings together uniquely skilled testers and security researchers with fresh perspective to uncover vulnerabilities in our defences that traditional assessment might have missed,” Mr McKenzie said.


“Diversity is a critical yet often overlooked factor in security and controls strategies. Moving to a ‘paid bounty’ gives us the ability to attract a wider pool of ethically trained security researchers from across the globe.

“Proactive cyber security measures are vital in today’s hyperconnected environment where new threats are constantly emerging.”

Under the program, the security researchers must have an “elite trust score” on the Bugcrowd platform to qualify.

The bank emphasised that while researchers will work in live environments, they will not have access to any customer information, and activities will not disrupt customers’ interactions with the bank.

Commenting on the partnership, Bugcrowd CEO Ashish Gupta said the company’s group of security researchers and platform will assist NAB with finding security vulnerabilities and gather “actionable insights” to increase their resistance to cyber attacks.

“We are excited to partner with NAB to assist in bolstering their innovative security strategy,” Mr Gupta said.

The major bank recently highlighted the growing issue of cyber threats when it appeared before the House of Representatives standing committee on economics during its review of Australia’s four major banks and other financial institutions.

Group chief risk officer Shaun Dooley revealed that NAB had been fighting millions of “ferocious” cyber threats and seen a 78 per cent increase in fraud attempts over recent months.

It had also seen a 33 per cent increase in estimated loss from May to June, Mr Dooley added.

NAB has recently migrated its online business banking tool, NAB Connect, to the cloud earlier this month, with its platform to be monitored for fraud detection by threat detection service, Amazon GuardDuty.

The news of the new bug bounty came on the same day as federal government launched an $800 million digital business plan.

The package is aimed at helping businesses digitise, including developing a new digital identity system, and more money for lenders implementing the Consumer Data Right for the open banking regime.

Moody’s Investors Service recently reported that the “large-scale shift” to digital banking and remote work amid the COVID-19 crisis has increased the banking sector’s exposure to cyber attack.

“Banks have quickly responded to these challenges but, in pursuing an accelerated technology development cycle, have also increased their potential vulnerabilities to cyber attack.”

[Related: Lender employs PwC fraud prevention software]

NAB sets up ‘bug bounty’ cyber program
NAB sets up ‘bug bounty’ cyber program

Malavika Santhebennur

Malavika Santhebennur is the features editor on the mortgages titles at Momentum Media.

Before joining the team in 2019, Malavika held roles with Money Management and Benchmark Media. She has been writing about financial services for the past six years.

Latest News

The brokerage has teamed with the fintech, for the launch of a new app that will let borrowers compare pricing and environmental impact acro...

The desire to secure a mortgage has collapsed across the country, according to a new analysis from Equifax. ...

The Reserve Bank will be closely watching how households respond to higher rates as it decides its next move, ANZ senior economists have sai...


Join Australia's most informed brokers

Do you know which lenders are providing brokers and their customers with the best service?

Use this monthly data to make informed decisions about which lenders to use. Simply contribute to the survey and we'll send you the results directly to your inbox - completely free!

What is the maximum proportion of income borrowers should use to service a mortgage?

Website Notifications

Get notifications in real-time for staying up to date with content that matters to you.