12 May 2016: Launch Manifesto on Coordinated Vulnerability Disclosure
Twenty-nine organizations signed the Coordinated Vulnerability Disclosure Manifesto during the EU High Level Meeting on Cyber Security on 12 May 2016 in Amsterdam. In this manifesto they announce public reporting mechanisms on vulnerabilities in their ICT systems and call upon other organizations to do the same.
The Manifesto was initiated by Rabobank and CIO Platform Nederland in coordination with the Dutch National Cybersecurity Centre in the context of the Dutch chairmanship of the EU. The Manifesto is signed by major organizations in the field of transport, healthcare, energy and has been embraced by the GFCE initiative on Responsible Disclosure as global best practice.
Engaging with hacker and research community
Over recent years the importance of ICT and the role it plays in our daily lives has grown exponential. With it, our dependence on ICT and potential negative consequences of vulnerabilities in our ICT-systems are growing as well. Signatories of the manifesto acknowledge the importance to engage researchers and the hacker community in reporting of vulnerabilities in their systems, so weaknesses can be detected and fixed in an early stage. The manifesto aims to make all parties more aware of the importance of cooperation, to improve cybersecurity for everyone.
Sign the Manifesto!
The manifesto is accommodated in the GFCE initiative on Responsible Disclosure to increase the number of signatories globally. Public and private organizations globally are invited to become a signatory to the Manifesto. Signatories to the Manifesto do not have to be member to the GFCE.
Companies who support the principle of coordinated vulnerability disclosure can show their support by signing and thereby contribute to a safer cyber world. For more information on how to become a formal signatore to the manifesto, please contact the GFCE secretariat: contact@thegfce.org.
The Manifesto, more background information and most frequently asked questions and answers are also available at the Coordinated Vulnerability Disclosure page.
List of signatories
Among the 29 signatories are major organizations in the field of transport, healthcare, energy and banking:
- ABN Amro
- CIO Platform Nederland
- CIO forum Belgian Business
- Coöperatie SURF U.A.
- Corbion Group Netherlands
- Eneco
- European Network for Cyber Security
- Honeywell
- IHC Merwede
- ING
- KPN
- LUMC
- Nederlandse Gasunie
- NS
- NUON
- NXP
- Palo Alto Networks
- Phillips
- Pon
- PostNL
- Rabobank
- SAAB
- Schuberg Phillis
- SNS Bank
- Stedin
- Tennet
- TNO
- Vodafone
- VOICE
