As part of Gulf Bank of Kuwait’s long-term vision to enhance cybersecurity and in line with its strong commitment to protect its customers’ data and digital systems from potential threats and hackers, Gulf Bank has officially launched its Vulnerability Disclosure Programme (VDP) and Bug Bounty programme.
The programme seeks to involve the cybersecurity community, comprising experts, specialists, and ethical hackers, in assisting the Bank in identifying and resolving vulnerabilities that may affect its systems and services. The objective is to allow the Bank to address the vulnerabilities or issues before they can be exploited by unauthorised individuals.
Gulf Bank believes that collaborating with the global cyber researcher community is one of the most powerful tools for creating a secure, reliable digital platform and supports the march towards a more secure ecosystem. This programme is part of the Bank’s ongoing strategy to adopt the latest technological solutions in cybersecurity. The programme also reflects the Bank’s commitment to transparency and openness to specialised expertise.
Ross McNaughton, Chief Information Security Officer at Gulf Bank, said: “The launch of the Bug Bounty and Disclosure programme represents the next step towards enhancing the security of the products and services offered by the Bank. It contributes to the early detection and effective resolution of vulnerabilities, issues, errors or technical glitches, thereby improving digital protection and increasing customer trust. The programme also provides a rapid response mechanism for security risks and serves as a technical platform to support innovation, trial new services and build an active, collaborative cybersecurity community.”
He continued: “The success of this programme will enhance customer confidence in the Bank’s digital services and reflects our ongoing commitment to lead in protecting our customers’ data, swift and continual innovation and development in cybersecurity. It also adopts leading global practices with cybersecurity community engagement, helping the Bank support cybersecurity advancement in Kuwait and across the region.”
Gulf Bank extends an open invitation to all cybersecurity professionals, researchers, and enthusiast “hackers” to participate in its Vulnerability Disclosure Programme and Bug Bounty programme. Any individual with the knowledge and skills to analyse and identify security weaknesses, hacks, or hacking techniques is eligible to be part of this professional initiative.
McNaughton added: “If you believe you have discovered a security vulnerability or feature that could impact the Bank’s systems or services, we encourage you to report it immediately through the official channel and you may be eligible for a financial reward. The reward’s value will be determined by the Bank’s specialised team based on the severity of the reported issue.”