Jump to content
The Great Escape Online Community

[Slashdot] - CISA Orders Agencies To Set Up Vulnerability Disclosure Programs


Recommended Posts

Out of scores of federal civilian agencies, only a handful of them have official programs to work with outside security researchers to find and fix software bugs -- a process that is commonplace in the private sector. From a report: Now, to put an end to the feet-dragging, the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency is giving agencies six months to set up the programs, known as vulnerability disclosure policies (VDPs). CISA on Wednesday issued a directive requiring agencies to establish VDPs that foreswear legal action against researchers who act in good faith, allow participants to submit vulnerability reports anonymously and cover at least one internet-accessible system or service. Itâ(TM)s the latest sign that federal officials are warming to white-hat hackers from various walks of life. "We believe that better security of government computer systems can only be realized when the people are given the opportunity to help," CISA Assistant Director Bryan S. Ware said in announcing the directive. The White House echoed that language in a memo to agencies backing the VDP initiative and setting deadlines for agencies to act.

twitter_icon_large.png facebook_icon_large.png

Read more of this story at Slashdot.


View the full article

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...

Important Information

By using The Great Escaped Online Community, you agree to our Privacy Policy and Terms of Use