Online Safety Community

Trump administration pulls back curtain on secretive cybersecurity process

The White House on Wednesday made public for the first time the rules by which the government decides to disclose or keep secret software flaws that can be turned into cyberweapons — whether by U.S. agencies hacking for foreign intelligence, money-hungry criminals or foreign spies seeking to penetrate American computers.

The move to publish an un­classified charter responds to years of criticism that the process was unnecessarily opaque, fueling suspicion that it cloaked a stockpile of software flaws that the National Security Agency was hoarding to go after foreign targets but that put Americans’ cyber­security at risk.

“This is a really big improvement and an outstanding process,” said White House cybersecurity coordinator Rob Joyce, who spoke at an Aspen Institute event and issued a blog post on the charter.

By making it public, he said, “we hope to demonstrate to the American people that the federal government is carefully weighing the risks and benefits” of disclosure vs. retention.

The rules are part of the “Vulnerabilities Equities Process,” which the Obama administration revamped in 2014 as a multi­agency forum to debate whether and when to inform companies such as Microsoft and Juniper that the government has discovered or bought a software flaw that, if weaponized, could affect the security of their product.

The Trump administration has mostly not altered the rules under which the government reaches a decision but is disclosing its process. Under the VEP, an “equities review board” of at least a dozen national security and civilian agencies will meet monthly — or more often, if a need arises — to discuss newly discovered vulnerabilities. Besides the NSA, the CIA and the FBI, the list includes the Treasury, Commerce and State departments, and the Office of Management and Budget.

The priority is on disclosure, the policy states, to protect core Internet systems, the U.S. economy and critical infrastructure, unless there is “a demonstrable, overriding interest” in using the flaw for intelligence or law enforcement purposes.

To continue Click here http://snip.ly/tykw7

Views: 30

Comment

You need to be a member of Online Safety Community to add comments!

Join Online Safety Community

Take our poll!

Take our poll!

Latest Activity

John Robinson posted events
12 hours ago
Mark Nilson posted events
13 hours ago
Nakul Pratap added a discussion to the group Certification and Training
Thumbnail

Enroll Our Nebosh Course in Saudi Arabia Becomes a professional safety officer

Green World Group is an repeated Safety training institute in Saudi Arabia offered Nebosh Course in Saudi Arabia. We provide many safety training courses like IOSH, Safety Diploma, and many more safety course in Saudi Arabia.A NEBOSH qualification Course offers much better recognition from organizations. Every year, more than 35, 000 persons doing work in an array of alternative sectors take these in the world…See More
15 hours ago
Nakul Pratap joined Safety Community's group
15 hours ago

Forum

5 TECHNOLOGY-BASED LONE WORKER SAFETY SOLUTIONS

ABOUT 75% OF EMPLOYEES IN NORTH AMERICA ARE MOBILE WORKERS. ADVANCES IN COMMUNICATIONS TECHNOLOGY MEANS THESE WORKERS CAN WORK ANYWHERE AT ANY TIME. THESE NEW TECHNOLOGIES ALSO MEAN THESE MOBILE…Continue

Tags: Solutions, People, IoT, Monitoring, Remote

Started by Jen McDade May 31.

Road Safety Solutions 14 Replies

The Road Safety Signs ,Barriers,Humps,Hazard Markers and Visual Warnings are some of the important marks to be observed. Signs such as "keep left",stop, "give way" should not be casually treated.…Continue

Tags: safety, gear, wear, Equipment, &

Started by Enna Henry. Last reply by Jen McDade May 31.

Remote Monitoring

Get "Safe Assets and Sound Productivity" Through Remote Monitoring.Visit:…Continue

Tags: Solutions, People, IoT, Monitoring, Remote

Started by Jen McDade May 23.

Python Condition Objects Tutorial in 2018 1 Reply

If you have knowledge of other programming languages, then you would know the importance of conditional statements. Conditional statements are required for taking decisions. Whenever we operate the…Continue

Tags: course, certification, training, languages, programming

Started by Elena Lauren. Last reply by Jim Chesters May 15.

Power BI Visualization Types

Visualizations in Power BI displays the visual insights from a data. In power bi service a visual can be pinned from reports to create dashboards. Visuals are used in reports.List of visualizations…Continue

Tags: COURSE, TRAINING, BI, POWER

Started by Azharuddin May 15.

Badge

Loading…

© 2018   Created by Safety Community.   Powered by

Badges  |  Report an Issue  |  Terms of Service