A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals for identifying vulnerabilities in a company’s cyber infrastructure. To identify the vulnerabilities, ethical hackers are invited to try explore the cyber infrastructure using their penetration testing skills. The policies relate to economics in that they are based on cost/benefits principles. Read this article https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=true and write a summary reaction to the use of the policies in your journal. Focus primarily on the literature review and the discussion of the findings.

Bug Bounty programs are really cool. It makes sense that having a ton of different people try to find bugs will help find more. I have seen my own examples of how different people can approach the same problem in very different ways. It is really nice to see that the study found that the bounty hunters didn’t care for monetary compensation for the most part. Also, I find it nice that there is a fairly even spread across different sectors and size of businesses.