Global Cyber Security Center promotes the "Italian Coordinated Vulnerability Disclosure Manifesto" a cooperation mechanism between organizations and the experts of cyber security community to a "coordinated" and "Responsible" discover of technological vulnerabilities. Adopting this approach, an expert can responsibly report (in accordance with the responsible disclosure policy) report vulnerabilities directly to the owner of the information system affected, to provide the organization the opportunity to diagnose and remedy the vulnerability before detailed information is disclosed to third parties or the public.
This initiative born by a similar Dutch initiative promoted by the multinational company Rabobank and the CIO Platform. On 12th of May in Amsterdam 30 organizations have signed the manifesto. This approach is not present only in Netherland ma it has been adopted by many organizations at international level.
GCSEC has analysed the international best practices to define a reference framework and guidelines as point of reference for discussions with the Italian organizations involved.
The initiative of an Italian Manifesto has already been presented a representatives of Italian critical infrastructures with which main aspects will be discussed with the hope to include shortly also the Public Sector organizations that are actually defining an internal initiative.
For more informations contact firstname.lastname@example.org