Cybersecurity, Privacy, & AI

Trending Now
Anthropic’s Reported $30B Funding Talks Spotlight AI’s Growing Role in Cybersecurity, Defense • DC3 Seeks New Contractors for DCISE Voluntary Cyber Information-Sharing Program • Pentagon Cyber Official Calls Advanced AI ‘Revolutionary Warfare’ • NIST Aims for Summer Release of AI Cyber Guidelines • President Trump’s Cyber Strategy: Cross-Sector Implications for U.S. and UK Businesses
Protests & Claims Newsletter Cyber & Privacy Newsletter Compliance & Enforcement Newsletter Development Newsletter Transforming Procurement Newsletter
Published on August 11, 2020 • Cyber

CISA Finalized Directive on Vulnerability Disclosure Policies, Congressman Says

CISA Finalized Directive on Vulnerability Disclosure Policies, Congressman Says

Turan Ramazanli | Shutterstock

The Cybersecurity and Infrastructure Security Agency issued a draft directive in November to require civilian agencies to work with security researchers to find vulnerabilities on their websites. Representative Jim Langevin (D-RI) says that directive is now final and being coordinated with OMB, who will release their policy first.

OMB’s draft policy requires agencies to establish vulnerability disclosure policies within 180 days of a final memo being issued. CIOs will be held responsible, and should coordinate with CISA in maturing agency policies. CISA’s directive includes suggested legal language and timelines for responding to security researchers’ reports, and resolving them.

More at NextGov

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.

© PubKGroup 2024