Lawmaker Calls for Implementation of Vulnerability Disclosure Programs in Federal Agencies
Sen. Mark Warner, the vice chairman of the Senate Select Committee on Intelligence and co-chair of the Senate Cybersecurity Caucus, emphasized the need for federal agencies to adopt vulnerability disclosure programs to secure their information technology products following a malware attack on the Department of Defense’s web server.
In a letter addressed to Dana Deasy, DoD chief information officer, Warner said the cyberattack raises broader cybersecurity concerns. He noted the importance of vulnerability disclosure programs in multiplying federal cybersecurity efforts, considering that it led to the discovery of the malware and response from the DoD. Warner also suggested that the Internet of Things Cybersecurity Improvement Act “would help advance similar coordinated vulnerability programs and work in conjunction with the procedures in place at DoD,” MeriTalk reported Thursday.
In addition, he specifically asked for adequate cybersecurity protections for commercial cloud-computing platforms and open-source software. Warner said promoting the responsible discovery of vulnerabilities on federal information technology systems can only strengthen the cybersecurity posture of federal and DoD systems.
Category: Popular Voices
Tags: cloud computing, cybersecurity, Dana Deasy, Department of Defense, DoD, federal agency, Internet of Things Cybersecurity Improvement Act, IT systems, malware, Mark Warner, MeriTalk, Popular Voices, vulnerability disclosure program,