Online Safety Community

Trump administration pulls back curtain on secretive cybersecurity process

The White House on Wednesday made public for the first time the rules by which the government decides to disclose or keep secret software flaws that can be turned into cyberweapons — whether by U.S. agencies hacking for foreign intelligence, money-hungry criminals or foreign spies seeking to penetrate American computers.

The move to publish an un­classified charter responds to years of criticism that the process was unnecessarily opaque, fueling suspicion that it cloaked a stockpile of software flaws that the National Security Agency was hoarding to go after foreign targets but that put Americans’ cyber­security at risk.

“This is a really big improvement and an outstanding process,” said White House cybersecurity coordinator Rob Joyce, who spoke at an Aspen Institute event and issued a blog post on the charter.

By making it public, he said, “we hope to demonstrate to the American people that the federal government is carefully weighing the risks and benefits” of disclosure vs. retention.

The rules are part of the “Vulnerabilities Equities Process,” which the Obama administration revamped in 2014 as a multi­agency forum to debate whether and when to inform companies such as Microsoft and Juniper that the government has discovered or bought a software flaw that, if weaponized, could affect the security of their product.

The Trump administration has mostly not altered the rules under which the government reaches a decision but is disclosing its process. Under the VEP, an “equities review board” of at least a dozen national security and civilian agencies will meet monthly — or more often, if a need arises — to discuss newly discovered vulnerabilities. Besides the NSA, the CIA and the FBI, the list includes the Treasury, Commerce and State departments, and the Office of Management and Budget.

The priority is on disclosure, the policy states, to protect core Internet systems, the U.S. economy and critical infrastructure, unless there is “a demonstrable, overriding interest” in using the flaw for intelligence or law enforcement purposes.

To continue Click here http://snip.ly/tykw7

Views: 41

Comment

You need to be a member of Online Safety Community to add comments!

Join Online Safety Community

Take our poll!

Take our poll!

Latest Activity

Traininngdotcom-LLC posted blog posts
4 hours ago
Roger Steven posted a blog post

How to do Texting and E-mail with Patients

With the new HIPAA random audit program now getting under way, and increases in enforcement actions following breaches, now is the time to ensure your organization is in compliance with the regulations and meeting the e-mail and texting communication needs and desires of its providers and patients. You need the proper privacy protections for health information, and the necessary documented policies and procedures, as well as documentation of any actions taken pursuant to your policies and…See More
4 hours ago
kate smith posted blog posts
5 hours ago
Mark Nilson posted events
6 hours ago

Forum

How to provide safety to the small laboratories at schools? 4 Replies

Most schools in villages are opening small chemistry laboratories and allowing the students to experiment whatever they have been taught. The education quality of village schools is not up to the…Continue

Started by charlieelectra. Last reply by Jen McDade yesterday.

Workers paticipation in safety management 1 Reply

Workers paticipation in safety management is the aspect which is required to be implemented in the OHSAS 18001 2007 version. , I invite our experience community members to share their views on the…Continue

Tags: management, safety, in, paticipation, Workers

Started by SafetyRaja. Last reply by Jen McDade on Monday.

Road Safety

What can be the best measures for Road Safety?Continue

Started by Jen McDade Sep 27.

safety equipments in breweries 4 Replies

safety equipments in breweries -- kindly provide detailsContinue

Started by ajit. Last reply by Jen McDade Sep 24.

Unusual Safety Tips 10 Replies

Please share some unusual but genuine safety precautions.My unusual safety tips - Don't drink sweet fruity juice while driving in the night as it contains sugar and sugar slows down your blood…Continue

Started by Arnold Brame. Last reply by Jen McDade Sep 24.

Badge

Loading…

© 2018   Created by Safety Community.   Powered by

Badges  |  Report an Issue  |  Terms of Service