NTIA releases tools for companies in developing cyber vulnerability disclosure policies

The National Telecommunications and Information Administration has released three new documents on cyber vulnerability disclosure, offering insight into how to improve awareness and adoption of security disclosure policies, address vulnerability disclosure in safety-critical industries, and manage disclosures when multiple parties are involved.

“Vulnerability disclosure has long been an open, important issue in cybersecurity,” said Angela Simpson, deputy assistant secretary for communications and information at NTIA, in a Dec. 15 blog post. “Companies need a strategy to deal with flawed...