DHS Cybersecurity Arm Directs Executive Agencies to Develop Vulnerability Disclosure Policies

Published on JD Supra on December 3, 2019

On November 27, 2019, the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security (DHS) released for public comment a draft of Binding Operational Directive 20-01, Develop and Publish a Vulnerability Disclosure Policy (the “Directive”). Pursuant to the Directive, Executive Branch agencies are required to develop and publish a procedure pursuant to which members of the public can report discovered vulnerabilities without fear of prosecution. The Directive is also accompanied by a draft coordinated vulnerability disclosure policy.

>>Read Full Article on JD Supra

Skip to content