“EU cyber policymaking should be about reducing threat actors’ operational capabilities whilst increase EU citizen’s resilience to harm.”
– Stéphane Duguin, CEO at CyberPeace Institute
Story of
the week: Over 50
cybersecurity experts signed an open letter expressing concerns about the
vulnerability disclosure requirements, part of the Cyber Resilience Act (CRA).
On Monday, the open letter was sent to EU policymakers, including Thierry
Breton, commissioner for Internal Market. The disclosure requirements, obliging
organisations to inform government agencies about software vulnerabilities
within 24 hours, would “undermine the security of digital products and the individuals
who use them”, reads the letter. “Sadly, the current draft of the EU Cyber
Resilience Act risks to do exactly the opposite. Stockpiling vulnerabilities
and creating the dream resource for attackers is not a good way forward,”
signatory Stéphane Duguin, CEO at CyberPeace Institute, told Euractiv. (...)
Sem comentários:
Enviar um comentário