A later module addresses cybersecurity policy through a social science framework.  At this point, attention can be drawn to one type of policy, known as bug bounty policies.  These policies pay individuals to identify vulnerabilities in a company’s cyber infrastructure.  To identify the vulnerabilities, ethical hackers are invited to try to explore the cyberinfrastructure using their penetration testing skills.  The policies relate to economics in that they are based on cost/benefits principles.  Read this article https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=true and write a summary reaction to the use of the policies in your journal.  Focus primarily on the literature review and the discussion of the findings.

Bug bounties are when ethical hackers attempt to find bugs or exploit in the code of companies that hire them in order to fix any gaps in their security. The article below discusses their efficacy, providing data on the subject. Many companies are scrambling to allow bug hunters to work without fear of being sued, but there is very little in the metrics to suggest that bug bounties significantly increase the security of a company.