The Department of Homeland Security (DHS) is looking for input on its plans to collect cyber risk information and recommendations from agencies, companies and individuals in the wake of the SolarWinds attack.
DHS said in a Federal Register notice published Friday that it seeks to conduct information collection and dissemination activities through a standard online form designed to provide insight into vulnerable hosts, impacts and potential reproduction of security vulnerabilities.
The form is also meant to enable companies, organizations and individuals to report system vulnerabilities while providing initial insight to agencies on recently discovered risks.
“There is constantly a search for security vulnerabilities within information systems, from individuals or nation states wishing to bypass security controls to gain invaluable information, to researchers seeking knowledge in the field of cybersecurity,” the notice states.
In addition, the form is intended to help researchers develop concepts for identifying such vulnerabilities, according to DHS. Comments on the information collection request are due on May 18th.
