White House unveils new disclosure policy on software vulnerabilities

White House cybersecurity coordinator Rob Joyce today announced a new administration policy on publicly disclosing cyber vulnerabilities discovered by the government, saying the new “charter” should eliminate the need to legislate on the cyber “vulnerability equities process.”

Joyce, who spoke at an Aspen Institute event, said the White House today will release a “charter” on the vulnerability equities process, or VEP, that explains which federal agencies are involved and what processes take place in determining whether the government discloses publicly...