Abstract

Every computer system or network may contain vulnerabilities. Therefore, vulnerability handling and disclosure are key elements of the cyber security technical, operational and organisational risk management measures of every organisation that develops or administers network and information systems. Coordinated vulnerability disclosure (CVD) policy or bug bounty can enable organisations to work together with well-intentioned people (ethical hackers) who look for and report vulnerabilities. The fear of being sued or the limited scope of the CVD can prevent such a collaboration. In the context of the implementation of the NIS2 directive, member states of the European Union will have to address the challenges posed by CVD processes. As a first attempt, Belgium has already adopted a national policy which includes a legal framework protecting vulnerability reporters and a coordinator role for its national computer security incident response team (CSIRT).

Full Text

Published Version

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
An Aviation Sector CSIRT for Sub-Saharan Africa
Faith Lekota ... Marijke Coetzee
-
Faith Lekota, et. al.Faith Lekota ... Marijke Coetzee
01 Jan 2020
Mitigating Global Cyber Risk Through Bridging the National Incident Response Capacity Gap
Elisabeth Dubois ... Unal Tatar
International Conference on Cyber Warfare and Security | VOL. 17
Elisabeth Dubois, et. al.Elisabeth Dubois ... Unal Tatar
02 Mar 2022
Adapting cybersecurity maturity models for resource‐constrained settings: A case study of Peru
Gangseok Lee ... Yuri Aldoradin Carbajal
THE ELECTRONIC JOURNAL OF INFORMATION SYSTEMS IN DEVELOPING COUNTRIES | VOL. -
Gangseok Lee, et. al.Gangseok Lee ... Yuri Aldoradin Carbajal
22 Oct 2024
Practical management of malicious insider threat – An enterprise CSIRT perspective
Terrence Walker
Information Security Technical Report | VOL. 13
Terrence WalkerTerrence Walker
25 Oct 2008
View more papers

More From: Cyber Security: A Peer-Reviewed Journal

Paper Title
Journal
Date
Author
Editorial
Simon Beckett
Cyber Security: A Peer-Reviewed Journal | VOL. 8
Simon BeckettSimon Beckett
01 Sep 2024
Improving cyber risk governance through storytelling
Levi Gundert
Cyber Security: A Peer-Reviewed Journal | VOL. 8
Levi GundertLevi Gundert
01 Sep 2024
Identifying and classifying cyberattacks on airports
Lázaro Florido-Benítez
Cyber Security: A Peer-Reviewed Journal | VOL. 8
Lázaro Florido-BenítezLázaro Florido-Benítez
01 Sep 2024
AI detection of malicious push notifications in augmented reality in the workplace
Sarah Katz
Cyber Security: A Peer-Reviewed Journal | VOL. 8
Sarah KatzSarah Katz
01 Sep 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.