Cyber security depends largely on reporting vulnerabilities under the practices of coordinated disclosure. Meanwhile, the black market is expanding rapidly and offering large rewards for the same information. We examine the economics of depriving cyber criminals' access to new vulnerabilities.