PANEL | The Importance of Vulnerability Handling. A discussion with the Cybersecurity Tech Accord

Friday, 20 September 2019
National Harbor, Maryland

Few topics have dominated the Cybersecurity Tech Accord agenda like responsible vulnerability handling. On several occasions, our signatories have stressed the importance of this practice as a cornerstone of responsible cybersecurity policy and, in July, they announced that they will all have a vulnerability disclosure policy in place by the end of the year.

On 20 September, the importance of vulnerability handling will again take center stage in the group’s efforts to promote cybersecurity best practices. At the 2nd Annual National Cybersecurity Summit, hosted by the United States Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security (DHS), our signatories will participate in a panel to share their views on the different approaches to vulnerability handling and on the role that well-informed policies on this topic can play in preventing cyber attacks.

The 45-minute session will feature Tech Accord representatives from Trend Micro, ThreatModeler, Arm and Microsoft as key speakers in a discussion moderated by Gregory T. Nojeim, Senior Counsel & Director of Freedom, Security and Technology Project at the Center for Democracy and Technology.

The debate will explore issues including the need to demystify vulnerabilities – clarifying what they are, what they are not and why good vulnerability disclosure policies should be the norm across the technology industry. It will also touch upon guidance and regulations established by governments and independent organizations on vulnerability handling, and what are good common principles. Finally, it will shed light on how governments’ handling of vulnerabilities plays into effective security.