Bipartisan Bill Seeks to Update Vulnerabilities Equities Process

A bipartisan group of five lawmakers has introduced a bill that seeks to add accountability and transparency in the federal government’s vulnerabilities equities process.

Sens. Brian Schatz’s (D-Hawaii) office said Wednesday the Protecting our Ability To Counter Hacking Act aims would update the current process for agencies to determine if they should  disclose or withhold vulnerabilities in technology products, applications, services and systems.

Schatz crafted the bill with fellow Sens. Ron Johnson (R-Wisconsin) and Cory Gardner (R-Colorado) as well as Reps. Ted Lieu (D-California) and Blake Farenthold (R-Texas).

“The PATCH Act requires the government to swiftly balance the need to disclose vulnerabilities with other national security interests while increasing transparency and accountability to maintain public trust in the process,” said Johnson, chairman of the Senate Homeland Security and Governmental Affairs Committee.

The bill would establish a Department of Homeland Security-led interagency review board to develop a consistent policy on how the government should assess vulnerabilities for disclosure and retention.

The Coalition for Cybersecurity Policy and Law and companies such as McAfee and Mozilla support the bill.

Lawmakers proposed the PATCH Act in the wake of a global ransomware attack that compromised at least 200,000 computers.

You may also be interested in...

Cybersecurity

CISA’s Jay Gazlay: Gov’t Must Update Identity Management Standards for Cloud Operations

Jay Gazlay, technical strategist at the Cybersecurity and Infrastructure Security Agency (CISA), has said the government must establish an updated guidance on identity management following the SolarWinds large-scale data breach. Devices in general must have in place basic configurations such as those offered by Microsoft for authentication and email traffic monitoring, according to Gazlay.

Leave a Reply

Your email address will not be published. Required fields are marked *