Cybersecurity: Recent Policy and Guidance on Federal Vulnerability Disclosure Programs

Abstract

The Trump Administration has released policy and guidance on vulnerability disclosure programs(VDP) for federal agencies. VDPs help organizations secure their information technology (IT) by allowing the public to discover and report weaknesses in systems in the hope that the organization will mitigate the vulnerabilities. Vulnerabilities can be exploited by malicious actors to compromise systems, which may lead to data breaches. On September 2, 2020, the Office of Management and Budget (OMB) released Memorandum M-20-32on Improving Vulnerability Identification, Management, and Remediation and the Cybersecurity and Infrastructure Security Agency (CISA) released Binding Operational Directive 20-01 (BOD) to Develop and Publish a Vulnerability Disclosure Policy.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 08, 2020
Accession Number
AD1131715

Entities

Organizations

  • Library of Congress

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Communication Systems
  • Computer Network Security
  • Congress
  • Cybersecurity
  • Data Leakages
  • Debugging
  • Department Of Defense
  • Department Of Homeland Security
  • Directives
  • Governments
  • Guidance
  • Homeland Security
  • Identification
  • Information Security
  • Information Systems
  • Law
  • National Governments
  • National Security
  • Public Administration
  • Security
  • United States
  • United States Government
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Government and Public Administration Law.

Technology Areas

  • Cyber