CISA Partners with OMB to Stand Up Vulnerability Disclosure Policies at Civilian Agencies

The Cybersecurity and Infrastructure Security Agency and the Office of Management and Budget will require civilian agencies to develop vulnerability disclosure policies, allowing outside experts who have “seen something” that looks like a cyber weakness to “say something” to those who can fix it.

Under the draft binding operational directive released Wednesday, agency VDPs would make it clear that “an agency welcomes and authorizes good-faith security research on specific, internet-accessible systems,” CISA Assistant Director for Cybersecurity Jeanette Manfra wrote in a blog post.

Meanwhile, OMB will meet with executives from the Department of Homeland Security, the General Services Administration, the Commerce Department and other agencies to work on implementation strategies, as well as the benefits of leveraging bug bounty programs.

Read more at Federal News Network

(Visited 72 times, 1 visits today)

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply

Latest from Cybersecurity

Tenable Acquires Indegy

Tenable, Inc has acquired Indegy Ltd, an industrial cybersecurity firm which provides

SIGN UP NOW for FREE News & Analysis on topics of your choice across homeland security!


Go to Top
Malcare WordPress Security