As concerned cybersecurity experts who have dedicated our lives to improving the security of the online environment, we urge you to reconsider the vulnerability disclosure requirements under the proposed EU Cyber Resilience Act (CRA). While we appreciate the CRA’s aim to enhance cybersecurity in Europe and beyond, we believe that the current provisions on vulnerability disclosure are counterproductive and will create new threats that undermine the security of digital products and the individuals who use them.

Download Full Text Below

Read Next

Examining Critical Infrastructure Cybersecurity and Resilience: A CCPL Tabletop Exercise After Action Report

The Center conducted a tabletop exercise exploring the ability of government and private sector to address disruption from a nation state with sophisticated cyber capabilities may cause to critical infrastructure if given extensive freedom of action.

European Commission 2028-2034 Budget Proposal Includes Substantial Increase for Cyber, Digital Programmes

The European Commission presented its initial proposal for the European Union’s 2028-2034 financial framework that, if approved, could authorise nearly EUR 2 trillion in spending over seven years for cyber and other digital efforts.

State, Fed Cyber Leaders Discuss Resilience in Light of Evolving Threat, Budget Landscapes

State and federal cyber leaders convened in Austin to discuss the Texas Cyber Command, utilizing Zero Trust strategies in an era of AI, and improving Federal to State cyber cooperation in an era of constricting resources and increased threats.