which makes it especially strange for the CEO to call it a "bug bounty". I'm not quite sure how a bug in humans can be resolved by a contract IT firm.