Protecting Europe against software vulnerabilities: It’s time to act!
CEPS - Publication
Brussels-based Centre for European Policy Studies (CEPS) has published a major report on software vulnerability disclosure (SVD) in Europe, titled Protecting Europe against software vulnerabilities: It’s time to act!. In the report, CEPS Task Force provides recommendations and concrete policy measures to help jumpstart coordinated vulnerability disclosure and government disclosure decision processes across Europe.
According to the report, a significant barrier to the implementation of CVD policies across the EU is the lack of a single interpretation of what constitutes ‘hacking’ among the member states. It is argued that the first step is to provide the necessary legal certainty to security researchers involved in vulnerability discovery as well as to set up appropriate vulnerability disclosure processes through complementary guidance and best practices.
Full report can be purchased HERE.
First commentary of the report can be found HERE.