1.
Bug bounty programs and hiring white hat hackers are forms of information controls.
What are other forms of information controls mentioned in the chapter?
The other controls mentioned are feedforward, concurrent, feedback, and financial control.
Feedforward control means taking control of a situation before issues have the chance to arise.
Concurrent control means taking control while the activity is occurring, and feedback means
control is taken after the activity has taken place. Finally, financial control is run by profit.
2.
When a bug is found through a bug bounty program, do you think managers are more
likely to take immediate corrective action or basic corrective action? What are the reasons
for your answer?
I believe the managers would benefit most from taking immediate corrective action. Due to the
sensitive content that these bug bounty programs work with, I can imagine that disciplinary
issues could have far more drastic outcomes than a disruption of workflow. However, I assume
there could be instances that could warrant basic corrective actions that might not be as serious.
3.
What are the dangers versus the benefits of hiring hackers? Why have companies decided
that there are more benefits than dangers in accomplishing the process of controlling via
hiring hackers?
One of the dangers in hiring hackers is that they have the ability to hack, as the name implies.
Even though the individuals hired are labeled as “white hat hackers,” there is still a question of
morality and ethics involved. However, that is applicable to everyone in every job. Companies
may choose to hire hackers due to their tech-savvy nature; their skills can be considered
multifaceted.