Multifaceted security cooperation
Multifaceted security cooperation
vrijdag 18 maart 2016 Join the Manifesto?!
Cooperation is key to keeping your digital and connected systems and services secure. Cooperation within your supply chain, with your security service provider, public-private cooperation, etc. In the Netherlands this comes (almost) naturally, although there is certainly room for improvement.
Cooperation between you and the so-called ethical hacker community may also be beneficial to you. It is in your interest to know about vulnerabilities in your IT systems as soon as possible, so you can act to resolve the vulnerability, preferably before it is exploited. But some guidelines are necessary for this kind of cooperation to ensure that you have the opportunity to take care of the vulnerability in a controlled way and the reporter has less chance to be prosecuted for helping you improve your security. These guidelines are referred to as Coordinated Vulnerability Disclosure, or Responsible Disclosure.
CIO Platform Nederland has embraced this initiative and has translated the prior documentation of SURFnet that was made for the higher education and research community, to a format that is more suited to businesses and governmental organisations. We’ve had these translated into English and made them available to use by any interested party. Please find the policy and procedure document here and the implementation guide here. The Dutch government has put Coordinated Vulnerability Disclosure on the agenda of the Presidency of the European Union. CIO Platform Nederland and Rabobank have joined initiatives to promote the adoption of Coordinated Vulnerability Disclosure among businesses in Europe. To do this a Manifesto was developed which we encourage representatives of European businesses to come and sign during the EU high-level event on May 12th and 13th in Amsterdam. You can find the introduction to the Manifesto here and the text of the Manifesto here.
If you are interested in joining the Manifesto please send your contact details to vulnerability.disclosure@ncsc.nl.
If you have any questions about the topic of Coordinated Vulnerability Disclosure or the documents, please contact Ronald Verbeek.
VMware-brief krijgt aandacht
05 april 2024 De gezamenlijke brief van de vier CIO-verenigingen aan de Europese Commissie in verband met de gevolgen van de overname van VMware door Broadcom voor onze leden, heeft veel interesse gewekt lees verderICT-experts, ondernemers en wetenschappers deelden hun inzichten met Staatssecretaris Alexandra van Huffelen.
28 maart 2024 27 maart jl. deelden ICT-experts, ondernemers en wetenschappers hun inzichten met o.a. staatssecretaris Alexandra van Huffelen en ons om voor clouddiensten minder afhankelijk te zijn van niet-Europese-landen en zelf sterker in deze technologie te worden. lees verderZakelijke gebruikers van IT veroordelen marktgedrag van Broadcom en roepen Europese Commissie op tot passende maatregelen
28 maart 2024 CIO Platform Nederland en haar drie Europese zusterverenigingen verstuurden vandaag een gezamenlijke brief aan de Europese Commissie n.a.v. mogelijk marktverstorend gedrag van Broadcom sinds de overname van VMware. lees verderArjen Boersma en Edward Cox treden toe tot het bestuur
28 maart 2024 Van harte welkom, Arjen Boersma, CIO ProRail en Edward Cox, CIO Louwman Group, in het bestuur van CIO Platform Nederland. lees verder