Read this article https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=trueLinks to an external site.  and write a summary reaction to the use of the policies in your journal.  Focus primarily on the literature review and the discussion of the findings.

Many companies lack vulnerability disclosure policies (VDP) due to them receiving reports of cybersecurity vulnerabilities from third-party researchers. This prevents companies from learning about the blind spots in their cybersecurity view. The US Department of Homeland Security, the federal government agency tasked with cybersecurity, instructed all government agencies to create a VDP. Companies should do all they can to understand cybersecurity weakness and prevent attacks from happening. Bug bounty policies is when ethical hackers are paid to find bugs in IT systems and explain them to companies. There are many logical basis for bug bounty policies including making companies aware of bugs they did not know about. There were six significant findings during this research including hackers are relatively price insensitive. Bug bounties are effective tools for companies of all sizes and levels of importance. That companies in certain industries received fewer reports, ceteris paribus, than companies in other industries. The number of new programs created in any given month has a impact on the number of reports companies receive on the HackerOne platform in that month. Lastly, is that programs receive fewer valid reports over time, all else remaining constant. (Sridhar, K. 2021)

(Sridhar, K & Ng, M). (2021). Hacking for good: Leveraging HackerOne data to develop an economic model of Bug Bounties. Journal of Cybersecurity, Volume 7.