Federal Government Urged To Disclose Zero Day Vulnerabilities

An article review.

Former White House cybersecurity officials call upon the government to be more open about threats


A study published by Harvard’s Belfer Center and written by two former cybersecurity experts has called for a number of changes to the way the government handles threats, including more funding and better disclosure practices.

Currently the NSA is responsible for the decision to make vulnerabilities public, through the Vulnerabilities Equity Process, and the study suggests shifting that responsibility to the Department of Homeland Security along with providing increased transparency for the procedure.

Additionally, the study called for a ban on the purchasing of information about exploits and vulnerabilities from private firms if that information comes with a non-disclosure agreement attached. The need for such reform became clear after it became known that the NSA sat on information about the Heartbleed attack, which left many critical encryption systems vulnerable to snooping.

Original article by Chris Bing, writing for FedScoop.



Related Posts

Considerations – Why you should choose infotex, Inc. as your next MSOC!

Reasons why we should be considered! infotex provides a number of services that can be checked out if you click over to offerings.infotex.com! We even made a movie with all the reasons why infotex...

The Magnificent Seven 2023

Seven Trends . . . …that small bank Information Security Officers face in 2023 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcom...