Summary Reaction to the Use of the Policies in this Article
https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=true
This study highlights that bug bounty programs are helpful for companies and industries
of any size when trying to find security vulnerabilities they might miss at first glance.
Government organizations are encouraging companies to implement vulnerability disclosure
policies (VDPs), but some companies are turning to bug bounty programs, in which independent
researchers are paid to find bugs in the company’s system. The researchers say that these
programs are helpful to companies and industries of any size, because whether a company is
the smallest or the biggest does not affect how many reports it receives. The effectiveness
of the programs can vary across different sectors within industries, and the existence of
new programs does not necessarily reduce reports.