As concerned cybersecurity experts who have dedicated our lives to improving the security of the online environment, we urge you to reconsider the vulnerability disclosure requirements under the proposed EU Cyber Resilience Act (CRA). While we appreciate the CRA’s aim to enhance cybersecurity in Europe and beyond, we believe that the current provisions on vulnerability disclosure are counterproductive and will create new threats that undermine the security of digital products and the individuals who use them.

Download Full Text Below

Read Next

European Commission 2028-2034 Budget Proposal Includes Substantial Increase for Cyber, Digital Programmes

The European Commission presented its initial proposal for the European Union’s 2028-2034 financial framework that, if approved, could authorise nearly EUR 2 trillion in spending over seven years for cyber and other digital efforts.

State, Fed Cyber Leaders Discuss Resilience in Light of Evolving Threat, Budget Landscapes

State and federal cyber leaders convened in Austin to discuss the Texas Cyber Command, utilizing Zero Trust strategies in an era of AI, and improving Federal to State cyber cooperation in an era of constricting resources and increased threats.

NIST: Analyzing Collusion Threats in the Semiconductor Supply Chain

Semiconductors power our modern technology and are often considered “the oil of the 21st century.” But producing these chips is not without challenges to the supply chain, including IP theft, counterfeiting, and reverse engineering.