Who Decides When to Tell a Company Its IT is Vulnerable

Members Only Subscribe to read the full article

With the seemingly constant barrage of leaks revealing the U.S. intelligence community’s hacking capabilities, many are wondering where government draws the line between priorities of intelligence collection versus assisting companies to secure their products in order to keep the digital lives of U.S. citizens and companies secure. The Cipher Brief spoke with Ari Schwartz, the managing director of Cybersecurity Services at Venable LLP and former Senior Director for Cybersecurity at the National Security Council during the Obama administration, about the current state of U.S. vulnerability disclosure policy.

The Cipher Brief: What are zero-day vulnerabilities – zero days, for short – and how often are they used by criminals and nation-states as opposed to already known vulnerabilities? How often are zero days found and used by more than one actor?

\”The Cipher Brief has become the most popular outlet for former intelligence officers; no media outlet is even a close second to The Cipher Brief in terms of the number of articles published by formers.” – Sept. 2018, Studies in Intelligence, Vol. 62 No.

Access all of The Cipher Brief\’s national-security focused expert insight by becoming a  Cipher Brief Level I Member .  



Continue Reading

Get access to all our briefs

Sign up Today

Related Articles