Assignment:

Read this article https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=true and write a summary reaction to the use of the policies in your journal.

Answer:

When I first heard about Bug Bounty Policies I thought to myself that it is a great idea and that all companies should do this. This way hackers could potentially hone their skills and be acknowledged and at the same time companies will get to know about flaws in their security. However the more I read and thought about Bug Bounty Policies, the more I realized that this is not an option for every company. Bug Bounty Policies are definitely a good option for big companies like Google, Amazon, and Facebook because they have the money to put up such bounties and they tend to make their own software. However banks could not use such a policy because hackers could then just steal bank information and the banks would have to give the hackers a larger amount of money than the bank information that they have stolen. Smaller companies could also not rely on Bug Bounty Policies because they do not make their own software and instead rely on a third party.

All in all while I believe that the Bug Bounty Policy is a good idea I do not believe everyone can use. Bigger companies like Amazon, Google, Facebook, and YouTube should implement Bug Bounty Policies, however banks and smaller companies should stay away from these kinds of policies.