You mean aside from the incentive to walk away with thousands of dollars worth of bitcoins?
Those are blackhat incentives. You need to make the incentive large for skilled whitehats to care.
And really, looking for weakness after the fact is already a losing position. The exchanges need to build security in from the start, and actually have a process for secure development and operations that continues along with the exchange itself.
No easy "let's just make a bounty" solutions for this problem....