As concerned cybersecurity experts who have dedicated our lives to improving the security of the online environment, we urge you to reconsider the vulnerability disclosure requirements under the proposed EU Cyber Resilience Act (CRA). While we appreciate the CRA’s aim to enhance cybersecurity in Europe and beyond, we believe that the current provisions on vulnerability disclosure are counterproductive and will create new threats that undermine the security of digital products and the individuals who use them.

Download Full Text Below

Read Next

CISA Proposes Sweeping Cyber Incident Reporting for U.S. Companies

The federal government is one step closer to requiring approximately 315,000 businesses to report cyber incidents and ransomware payments. 

Event Recap: Spring Into Privacy with the NIST Privacy Engineering Program

The NIST Privacy Framework is getting a little "Spring Cleaning." Officials from NIST's Privacy Engineering Program updated participants on updated to the Privacy Framework and other projects at an event last week.

Multiple Organizations Request 30-day Extension on CIRCIA Comments

The Cybersecurity Coalition, U.S. Chamber of Commerce, and 23 other organizations have requested a 30-day extension to the comment period for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) from CISA.