Hacking Policy Council encourages NIST to include vulnerability disclosure policies in foundational update to IoT cyber publication

The Hacking Policy Council sees an opportunity for the National Institute of Standards and Technology to make targeted changes in an update to the agency’s foundational Internet of Things cyber publication, including the addition of a vulnerability disclosure policy and encouraging artificial intelligence red teaming.

“The HPC commends NIST for raising key questions in the draft regarding how customers can report suspected security issues, whether such reports will be accepted after the end of support, and how manufacturers might respond...