Andrew Simpson scite author profile

The task of identifying vulnerabilities is commonly outsourced to hackers participating in bug bounty programs. As of July 2019, bug bounty platforms such as HackerOne have over 200 publicly listed programs, with programs listed on HackerOne being responsible for the discovery of tens of thousands of vulnerabilities since 2013. We report the results of an empirical analysis that was undertaken using the data available from two bug bounty platforms to understand the costs and benefits of bug bounty programs both to participants and to organisations. We consider the economics of bug bounty programs, investigating the costs and benefits to those running such programs and the hackers that participate in finding vulnerabilities. We find that the average cost of operating a bug bounty program for a year is now less than the cost of hiring two additional software engineers.

show abstract

The development of a hierarchical forecasting method for predicting spare parts demand in the South Korean Navy—A case study

Moon

Hicks

Simpson

2012

International Journal of Production Economics

View full text Add to dashboard Cite

In the South Korean Navy the demand for many spare parts is infrequent and the volume of items required is irregular. This pattern, known as non-normal demand, makes forecasting difficult. This paper uses data obtained from the South Korean Navy to compare the performance of various forecasting methods that use hierarchical and direct forecasting strategies for predicting the demand for spare parts. A simple combination of exponential smoothing models was found to minimise forecasting errors. A simulation experiment verified that this approach also minimised inventory costs.

show abstract

The development of a classification model for predicting the performance of forecasting methods for naval spare parts demand

Moon¹,

Simpson²,

Hicks³

2013

International Journal of Production Economics

View full text Add to dashboard Cite

Policy measures and cyber insurance: a framework

Woods

Simpson

2017

Journal of Cyber Policy

View full text Add to dashboard Cite

The role of the insurance industry in driving improvements in cyber security has been identified as mutually beneficial for both insurers and policy-makers. To date, there has been no consideration of the roles governments and the insurance industry should pursue in support of this public-private partnership. This paper rectifies this omission and presents a framework to help underpin such a partnership, giving particular consideration to possible government interventions that might affect the cyber insurance market. We have undertaken a qualitative analysis of reports published by policy-making institutions and organisations working in the cyber insurance domain; we have also conducted interviews with cyber insurance professionals. Together, these constitute a stakeholder analysis upon which we build our framework. In addition, we present a research roadmap to demonstrate how the ideas described might be taken forward.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Andrew Simpson

SuperB Progress Report: Detector

An Empirical Study of Bug Bounty Programs

The development of a hierarchical forecasting method for predicting spare parts demand in the South Korean Navy—A case study

The development of a classification model for predicting the performance of forecasting methods for naval spare parts demand

Policy measures and cyber insurance: a framework

Contact Info

Product

Resources

About