Helping to resolve vulnerabilities
The increasing importance of information systems in our society significantly increases the risk of incidents related to the security of these systems. These incidents can, for example, compromise the availability of a particular service or the integrity, authenticity or confidentiality of data. As more and more devices are being used that are connected to the Internet, any incident will have even greater consequences.
As far as the causes of these incidents are concerned, vulnerabilities pose a major risk. However, this risk is inherent in the development, use and update process of these systems. Taking into account the extent and technicality of this problem, it seems an illusion to believe that all device manufacturers or those responsible for IT systems will be able to solve it on their own.
An organisation may choose to rely on a particular company to verify the security of its information systems (e.g. through a security audit), or, publicly, on persons with good intentions (“ethical hackers”) who wish to contribute to improving the security of these technologies by identifying existing vulnerabilities and helping to resolve them.
