As concerned cybersecurity experts who have dedicated our lives to improving the security of the online environment, we urge you to reconsider the vulnerability disclosure requirements under the proposed EU Cyber Resilience Act (CRA). While we appreciate the CRA’s aim to enhance cybersecurity in Europe and beyond, we believe that the current provisions on vulnerability disclosure are counterproductive and will create new threats that undermine the security of digital products and the individuals who use them.
Download Full Text Below
Read Next
FedRAMP Signals Acceleration of Requirements for Machine-Readable Packages in the Rev5 Process
FedRAMP has proposed modifications to the Rev5 process in the newly published RFCs that could enact major changes and require Cloud Service Offerings to provide authorization packages in a “machine-readable format.”
Meeting the Homeland C-UAS Threat
A recent tabletop exercise examined the impact of drone attacks on a university hockey game, electric grid, and nearby air base and recommended key findings to deter and prevent these types of attacks.
Fighting the Adversarial Use of AI: Innovation in Cyber Insurance, Incident Response
The rise of AI is reshaping every aspect of cybersecurity. While AI holds promise for automating defenses, it also empowers threat actors. This is driving an AI arms race with placing the cyber insurance market in the middle.
