14 Dec 2017

DIGITALEUROPE position paper on vulnerability stockpiling

DIGITALEUROPE position paper on vulnerability stockpiling

OBJECTIVES

DIGITALEUROPE believes that governments in the EU and beyond should put in place clear policies relating to the handling and disclosure of security vulnerabilities. We are concerned that governments stockpile and exploit security vulnerabilities in products, rather than reporting them to those who can fix them. The presumption should be in favour of immediate disclosure to the vendor in question using coordinated vulnerability disclosure, a global best practice, and, if any delay is warranted and approved, governments should disclose the vulnerability to the vendor in as timely a fashion as is reasonably practicable. Moreover, some internal, and aggregate and anonymised external, reporting should be required to ensure accountability regarding the frequency and nature of such decisions.

Back to Cybersecurity
View the complete Policy Paper
PDF
Our resources on Cybersecurity
06 Mar 2023 Publication & Brochure
THE DIGITAL FRONT LINE: 15 actions to boost Europe’s Digital Resilience
Read more
PDF
22 Feb 2023 Policy Paper
DIGITALEUROPE RESILIENCE COUNCIL: Public, Civil and Private Cooperation for an ambitious EU Cyber Defence
Read more
PDF
23 Jan 2023 Policy Paper
DIGITALEUROPE’s recommendations for a more ambitious EU Cyber Defence Policy
Read more
PDF
View all resources
Hit enter to search or ESC to close
This website uses cookies
We use cookies and similar techonologies to adjust your preferences, analyze traffic and measure the effectiveness of campaigns. You consent to the use of our cookies by continuing to browse this website.
Decline
Accept