NaijaSecForce in collaboration with Tech Hive Advisory is hosting a webinar on “vulnerability disclosure: ethics and regulation”. As security threat landscape continues to increase, part of building a stronger intelligence and ensuring preservation of common good is to allow security researchers that discover vulnerabilities in systems to report them to the organisations, who in turn is expected to take reasonable measure to patch the vulnerability.
However, there has been a rise in bad actors taking advantage of this and the conversation is titling between legal and ethical basis for disclosure. The Nigerian law expressly prohibits hacking without distinction between black and white actors. The conversation will explore legality of security research, responsible disclosure, ethical boundary, bug bounty program, methods of disclosure, communicating disclosure, and legal framework for disclosure.