House to Vote on Requiring DHS to Report on Software Vulnerabilities

On Tuesday, the U.S. House of Representatives passed legislation that would require the Department of Homeland Security “to report on how the government decides whether it will exploit newfound computer software vulnerabilities against U.S. adversaries or disclose them to manufacturers to be patched,” according to NextGov.

Introduced by Rep. Sheila Jackson-Lee (D-TX), the Cyber Vulnerability Disclosure Reporting Act – H.R.3202 – supports the proposals made by a Trump administration plan introduced in November, thus solidifying bipartisan, cross-government support for the proposal.

Upon making the announcement in November, the White House said recent data breaches “undermine public confidence and damage our ability to carry out intelligence missions,” noting that the proposed annual report would include relevant “statistical information as deemed appropriate”


The government is currently said to disclose “about 90 percent of the software vulnerabilities it finds, officials from both administrations have said. The government privileges disclosure in cases where the vulnerabilities are most likely to be discovered by criminals and used against U.S. consumers,” according to NextGov.

The bill, which passed the House Homeland Security Committee by a voice vote in September, is expected to pass. However, while it may be a rare bill that prompts minimal partisan debate within Congress, agency responses may be more varied in light of the diverse stakeholders involved, with “intelligence agencies…more likely to favor hoarding vulnerabilities,” and “security-focused agencies…more likely to favor disclosing them.”

Posted in General News

Tags: DHS, cybersecurity, cyber

Print Email

This Week on FEDtalk

It’s (almost) National Park Week!

Tune in next week to hear from the National Parks Service (NPS) about all the activities going on around the country for National Park Week April 21-29, including Junior Ranger Day and Park Prescription Day.

Read more ...

Hear it from FLEOA

An Update on the OPM Cyber Breach

In the wake of the most recent data breach of Equifax, FLEOA has provided an update on the June 2015 Office of Personnel Management (OPM) data breach to include claims, lawsuits and legislation.

Read more ...
FEDagent

FEDagent.com

The free weekly e-report for Federal Law Enforcement

Get in touch with us

Email FEDagent publisher

Copyright 2018 FEDagent.com
Hosted by Peak Media Company, LLC