CISA to Improve Vulnerability Disclosure Practices
CISA to Improve Vulnerability Disclosure Practices
The Cybersecurity and Infrastructure Security Agency (CISA) issued a draft binding operational directive, BOD 20-01, which will require federal civilian executive branch agencies to publish a vulnerability disclosure policy (VDP).
Hugh Taylor
Hugh Taylor is a Certified Information Security Manager (CISM). In addition to editing Journal of Cyber Policy, he writes about cybersecurity, compliance and enterprise technology for such clients as Microsoft, IBM, SAP, HPE, Oracle, Google and Advanced Micro Devices. Prior to launching his freelance writing career, he served in executive roles at Microsoft, IBM and several venture-backed technology startups.