CYSE 201S / Week 12 – Journal Entry 13

Cybersecurity and the Social Sciences (CYSE 201S)

A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals for identifying vulnerabilities in a company’s cyber infrastructure. To identify the vulnerabilities, ethical hackers are invited to try to explore the cyber infrastructure using their penetration testing skills. The policies relate to economics in that they are based on cost/benefits principles. Read this article https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=true and write a summary reaction to the use of the policies in your journal. Focus primarily on the literature review and the discussion of the findings.

I find the use of Bug Bounty Policies in businesses to be a great thing. The more eyes you can get on a project to look for errors, the better the outcomes. I found it interesting, but not surprising, that the article mentioned that as a bug bounty program ages, it gets fewer reports unless the scope is widened. I see that as a testament to the usefulness of bug bounty programs. It’s obvious that as it goes on, there are fewer reports. Assuming bugs are being fixed correctly and not introducing new bugs, then as time goes on, all bugs are going to be dealt with and it will become harder to find new ones.
