Cybersecurity Vulnerabilities: What Are the Rules of the Road for Finding Them, Sharing Them, and Fixing Them?
6:00 – 8:15 p.m.
It is routine to read headlines announcing the latest security shortcoming in modern technology—networks, systems, and devices that are under constant threat. These vulnerabilities (or worse, hacks) can pose grave risks to consumers, businesses, government agencies, and government employees. Yet, the body of law that addresses finding, sharing, and fixing vulnerabilities is unsettled and slow moving. This program will address how private sector businesses and public sector agencies handle cybersecurity vulnerabilities.
6:00 – 6:05 p.m. Welcome and Introductions
6:05 – 7:05 p.m. The Private Sector
This panel will explore the process for vulnerability discovery and remediation in the private sector. The discussion will cover the roles of in-house security professionals, outside security consultants, and independent security researchers. Topics will include best practices for soliciting and responding to disclosures, issuing security patches, and managing liability.
Moderator, David Valdez, Federal Communications Commission
Speaker, Jonathan Mayer, Chief Technology Officer, FCC Enforcement Bureau
7:05 – 7:15 p.m. Break
7:15 – 8:15 p.m. The Public Sector
The federal government plays a distinct role in the cybersecurity ecosystem. It hosts systems that are uniquely sensitive, and it maintains offensive capabilities for law enforcement and national security purposes. This panel will discuss the federal role in handling vulnerabilities, including the innovative Hack the Pentagon program and the inter-agency Vulnerability Equities Process.
Moderator, Allan Friedman, Director of Cybersecurity Initiatives, NTIA
Speaker, Laura Jehl, Partner, Sheppard Mullin Richter & Hampton LLP
To register for this event, please click here.