Easy access to all the Government news updates

Subscribe and receive personalized news articles straight in your inbox

*By clicking "Join us now" you agree to receive emails, promotions and general messages from ExecutiveGov. In addition, you also agree to ExecutiveGov's Privacy Policy and Terms & Conditions.

x
/

DHS Extends Feedback Period for Vulnerability Disclosure Program

1 min read

The Department of Homeland Security will be seeking feedback until Jan 10 on how to formulate the draft vulnerability disclosure program designed to provide federal agencies with a structured way to report cybersecurity issues, The Fifth Domain reported Friday.

The Cybersecurity and Infrastructure Security Agency released a draft binding operational directive on Dec. 2 that would require federal agencies to disclose the vulnerabilities of their public websites.

Adam Bernstein, information technology manager at the Office of Inspector General Department of Housing and Urban Development, wrote that legacy IT platforms should be excluded from the disclosure requirement because they are underfunded. He received a response saying that disclosures could help highlight the lack of funding for legacy IT systems.

CISA also received feedback on its proposed 90-day time frame between vulnerability disclosure and repair, as well as a suggestion for the agency to hold an industry for technical, legal, industry and government personnel to discuss the program.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about DHS