Multifaceted security cooperation

Multifaceted security cooperation

20160318 Nieuwsbericht Multifaceted security cooperation.jpgFriday 18 March 2016

Join the Manifesto?!

Cooperation is key to keeping your digital and connected systems and services secure. Cooperation within your supply chain, with your security service provider, public-private cooperation, etc. In the Netherlands this comes (almost) naturally, although there is certainly room for improvement.

Cooperation between you and the so-called ethical hacker community may also be beneficial to you. It is in your interest to know about vulnerabilities in your IT systems as soon as possible, so you can act to resolve the vulnerability, preferably before it is exploited. But some guidelines are necessary for this kind of cooperation to ensure that you have the opportunity to take care of the vulnerability in a controlled way and the reporter has less chance to be prosecuted for helping you improve your security. These guidelines are referred to as Coordinated Vulnerability Disclosure, or Responsible Disclosure.

CIO Platform Nederland has embraced this initiative and has translated the prior documentation of SURFnet that was made for the higher education and research community, to a format that is more suited to businesses and governmental organisations. We’ve had these translated into English and made them available to use by any interested party. Please find the policy and procedure document here and the implementation guide here. The Dutch government has put Coordinated Vulnerability Disclosure on the agenda of the Presidency of the European Union. CIO Platform Nederland and Rabobank have joined initiatives to promote the adoption of Coordinated Vulnerability Disclosure among businesses in Europe. To do this a Manifesto was developed which we encourage representatives of European businesses to come and sign during the EU high-level event on May 12th and 13th in Amsterdam. You can find the introduction to the Manifesto here and the text of the Manifesto here.

If you are interested in joining the Manifesto please send your contact details to vulnerability.disclosure@ncsc.nl.

If you have any questions about the topic of Coordinated Vulnerability Disclosure or the documents, please contact Ronald Verbeek

« Back

More news

CIOTV #75 What about the maturity of digital transformations? With Martijn Koning and Arthur Govaert

ciotv 75 martijn en arthurMonday 04 July 2022 In this special seventy-fifth episode of CIOTV, current chairman Martijn Koning (Chief Digital & Sustainability Officer AutoBinck Group) and former chairman Arthur Govaert (VP Innovation Program ... full story

Fair Principle 3: Customers shall remain in control of their own data and all the data uploaded or processed by the service/solution.

Fair Principle 3Thursday 30 June 2022 Business users associations Beltug, Voice, Cigref and CIO Platform Nederland call for a balanced cloud market: 11 fair principles to unleash Europe’s digital potential. Fair principle 3 calls for customers to remain in control of their own data and all the data uploaded or processed by the service/solution. full story

Fair Principle 2: Vendors must not create a technical or commercial lock-in

Fair Principles 2Thursday 23 June 2022 Business users associations Beltug, Voice, Cigref and CIO Platform Nederland call for a balanced cloud market: 11 fair principles to unleash Europe’s digital potential. Fair principle 2 calls for every vendor to avoid creating a technical or commercial lock-in. full story

Urgent call to European Commission regarding the European Cybersecurity Certification Scheme for Cloud Services (EUCS)

2021-05-18 Terugkoppeling gesprek met Europese Commissie over digitale technologiebeleid.pngWednesday 22 June 2022 CIO Platform Nederland calls on the European Commission not to adopt the EUCS until the consequences for business users in industry and government in Europe have been thoroughly investigated, a consultation of stakeholders has taken place and the responsible political bodies have weighed up the digital autonomy, costs and benefits of a decision. full story

View all news items through the archive

Close