Article Per Year (5 Year)
p-Index From 2020 - 2025
0.23
P-Index
This Author published in this journals
All Journal Journal of Scientific Research, Education, and Technology
Suryana, Rio Putra
Unknown Affiliation
Computer Science & IT Economics, Econometrics & Finance Education Engineering Social Sciences

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

 1 
A Government-Oriented Vulnerability Disclosure Program Model Based on Ethical Hacker Perspectives Suryana, Rio Putra; Widiono, Suyud
Journal of Scientific Research, Education, and Technology (JSRET) Vol. 4 No. 4 (2025): Vol. 4 No. 4 2025
Publisher : Kirana Publisher (KNPub)

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.58526/jsret.v4i4.948

Abstract

Digital transformation within government agencies has expanded the number of public-sector digital assets that require continuous cybersecurity protection. However, vulnerability reporting mechanisms in Indonesia remain fragmented, unstandardized, and legally ambiguous, limiting effective collaboration between ethical hackers and government institutions. This study explores the motivations, preferences, and challenges experienced by active vulnerability researchers in participating in government-led Vulnerability Disclosure Programs (VDPs). A descriptive qualitative approach was applied using open- and closed-ended online questionnaires completed by six respondents with proven experience in legal vulnerability reporting. The findings reveal that clear scope definition, transparent rules, timely responses, and legal protection (safe harbour) are the primary factors influencing participation. Although financial incentives are considered beneficial, most participants are willing to report without monetary rewards when non-financial recognition—such as points, badges, or official acknowledgment—is provided. The study also identifies key barriers, including unclear scope, lack of government responsiveness, and concerns regarding legal repercussions. Based on these insights, this work proposes a structured and centralized vulnerability reporting framework tailored for government environments. The proposed model emphasizes clear policies, triage transparency, non-monetary recognition systems, and safe-harbour protections to strengthen national cybersecurity resilience through collaborative public engagement.
Co-Authors Suyud Widiono