Innovation & technology

Achieving digital trust through the Swiss Post bug bounty

Information security is becoming ever more important to the success of Swiss Post. In order to build digital trust, Swiss Post Information Security is expanding its bug bounty programme.

Inari Kirchhofer

Using this new strategy, Swiss Post wants to facilitate the simple, secure and trustworthy handling of digital information and data – in the public, private and business spheres.

In our fast-paced digital world, however, conventional IT security measures are not enough. What’s needed are creative approaches. Finding out how the security mechanisms of Swiss Post’s online services can be circumvented or where the weak points are that could have a detrimental impact on Swiss Post is crucial. The purpose of the bug bounty programme is to invite

skilled hackers, or hunters, to track down security gaps. They receive compensation – a bounty – for every vulnerability they find. While numerous groups globally use this format as a complementary measure for securing their own IT systems, Swiss Post is a pioneer when it comes to operating a permanent bug bounty programme in Switzerland. As a result of the positive experience, it now wants to expand the programme.

The benefits of the Swiss Post bug bounty programme

Central to the development of new digital business models and services is a permanently high-level of information security, as well as the trust of users in the digital applications – digital trust. The bug bounty programme promotes both. Through this investment, Swiss Post is acknowledging the necessity of continually improving its information security. Critical vulnerabilities can be found and fixed more quickly by highly specialized hunters and potential dangers averted. This is far more efficient and cost-effective than leaving the discovery of weaknesses to chance or risking far-reaching consequences from undiscovered bugs. The programme is also beneficial to Swiss Post for another reason: it not only increases information security which then strengthens trust, but also supports transformation within the company. This is key as teams work intensively across disciplines and units and with increasing agility in order to quickly respond to vulnerabilities. In this way, resourceful hunters can contribute to innovation at Swiss Post IT.

Wanted: Bug hunters

Swiss Post is conducting its bug bounty programme privately, i.e. hunters take part by invitation. Interested hunters can find out more and register online.

written by

Inari Kirchhofer