Federal Bill Aims to Improve Contractor Cybersecurity

If passed, executive government agencies may not enter into a contract for IT services unless the contractor maintains a vulnerability disclosure policy that describes the process for vulnerability reporting (i.e., where to send the report, what to include in the report, that an individual can report anonymously), does not limit testing solely to entities approved by the contractor (the public can also search for and report a vulnerability), and provides target timelines for resolving a reported vulnerability.

Total
0
Shares
Previous Post

NY DFS Key Measures to Reduce Ransomware Risks

Next Post

Biometrics: Brazilian Authority Investigates Collection of Fingerprints

Related Posts
Total
0
Share