The House Energy & Commerce Committee has released a white paper on cybersecurity practices following its investigation into coordinated vulnerability disclosure (CVD), i.e, outside parties tipping companies or agencies off to those vulnerabilities.
Those third parties could be law enforcement, business partners, financial firms, or independent researchers, but they are an essential part of the discovery process given the "complexity of modern information systems and networks," says the committee, which translates to the growing "internet of everything" world.
Its two main recommendations were that "1) Congress should explore ways to clarify the differences between 'hacking' and CVD practices, to incentivize organizations to adopt CVD programs, and to offer protections to CVD participants who perform CVDs in accordance with modern best practices; and 2) that "Congress should explore ways to encourage federal agencies and private sector stakeholders to address and minimize the negative public responses to CVDs."
“The growth of the Internet and connected technologies comes with an inescapable increase in the complexity and vulnerability of modern systems. These risks are shared across all facets and sectors of society, and no one organization is truly capable of managing these risks on its own.
“The nature of our modern connected society requires collaboration, and thus—as recent years have manifestly demonstrated—CVD rem."
The committee has been conducting oversight of "cybersecurity strategies and incidents both at federal agencies and in the private sector."
Contributing editor John Eggerton has been an editor and/or writer on media regulation, legislation and policy for over four decades, including covering the FCC, FTC, Congress, the major media trade associations, and the federal courts. In addition to Multichannel News and Broadcasting + Cable, his work has appeared in Radio World, TV Technology, TV Fax, This Week in Consumer Electronics, Variety and the Encyclopedia Britannica.
Thank you for signing up to Broadcasting & Cable. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.