House Commerce Committee Releases Whitepaper on Coordinated Vulnerability Disclosure Cybersecurity Practices

The House Commerce Committee released a white paper detailing the committee’s investigation and recommendations regarding coordinated vulnerability disclosure (CVD) cybersecurity practices. The committee offers two main recommendations to support public and private sector organizations in their adoption of CVD programs as part of their cybersecurity risk management strategies.

  1. Congress should explore ways to clarify the differences between “hacking” and CVD practices, to incentivize organizations to adopt CVD programs, and to offer protections to CVD participants who perform CVDs in accordance with modern best practices.
  2. Congress should explore ways to encourage federal agencies and private sector stakeholders to address and minimize the negative public responses to CVDs.

The white paper concludes, “The nature of our modern connected society requires collaboration, and thus—as recent years have manifestly demonstrated—CVD remains one of the most valuable, effective methods for embracing that collaboration and facing those risks. Consequently, Congress, the rest of the federal government, the private sector, and third-parties should all find ways to support and adopt CVD.”


House Commerce Committee Releases Whitepaper on Coordinated Vulnerability Disclosure Cybersecurity Practices The Criticality of Coordinated Disclosure in Modern Cybersecurity (read the report) Hill Says Third-Party Cybersecurity Monitoring is Key (Broadcasting&Cable)