Explore the vast range of titles available.

In increasingly competitive digital markets, software firms must strategically balance cybersecurity investments and pricing decisions to attract consumers while safeguarding their platforms. This study develops a game-theoretic model in which two competing firms choose among three cybersecurity strategies—no action, bug bounty programs, and in-house protection—before setting prices. We demonstrate that cybersecurity efforts and pricing are interdependent: investment choices significantly alter market outcomes by influencing consumer trust and competitive dynamics. Our analysis reveals that a bug bounty program is preferable when consumer sensitivity to security and the probability of ethical vulnerability disclosures are high, while in-house protection becomes optimal when firms must rebuild credibility from a weaker competitive position. Furthermore, initial service quality gaps between firms critically shape both investment intensity and pricing behavior. By jointly endogenizing security efforts and prices, this study offers new insights into strategic cybersecurity management and provides practical guidance for software firms seeking to integrate security initiatives with competitive pricing strategies.