The Coalition will continue to work with OMB and agencies on implementation of the policy.
“The Cybersecurity Coalition welcomes the government recommendations to improve vulnerability identification, management and remediation. The Office of Management and Budget memo addresses the need to clarify the government’s position on vulnerability disclosure policies and bug bounty programs. It gives agencies time to scale their vulnerability disclosure policies and ensures good-faith security research efforts are not considered an incident or breach. The Department of Homeland Security Binding Operational Directive is a further step forward to protect federal government agencies, companies and internet users. It enhances the cybersecurity ecosystem by directing cross-government vulnerability formulation and disclosure programs. The Coalition will continue to work with OMB and agencies on implementation of the policy.”