Policy Momentum in Coordinated Vulnerability Disclosure – Amit Elazari – ASW #183
Security is one of the most evolving and impactful landscapes in the regulatory sphere. Proposed initiatives in the areas of Incident Response, Software and Product Assurance, Coordinated Vulnerability Disclosure (CVD), and IoT or Connected Products Regulations are among the most active and developing areas of security policy around the world. This evolving landscape also serves as an opportunity for innovation and research collaboration. Elazari will walk us through some of the most recent trends in policy proposals shaping the future of security. We will also talk about bug bounties and vulnerability disclosure, what are some of the industry's best practices in this area, how to implement these programs to foster security, collaboration and transparency, and how this connects to the policy momentum and its impact on security researchers.
Segment Resources:
- Project Circuit Breaker: https://www.intel.com/content/www/us/en/newsroom/news/intel-launches-project-circuit-breaker.html
- Project Circuit Breaker Landing Page: https://www.projectcircuitbreaker.com/
- Intel’s 2021 Product Security Report: https://www.intel.com/content/www/us/en/security/intel-2021-product-security-report.html
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
CRA's Business Intelligence Unit has launched its next survey on Zero Trust! What are Your Barriers to Zero Trust Implementation? Take our survey and enter to win a $500 Tango card by visiting https://securityweekly.com/zerotrust. Report results will be released at our upcoming Zero Trust E-Summit in March!
Guest
Dr. Amit Elazari, J.S.D. is Director, Global Security Policy at Intel Corporation’s Global Government Affairs organization, a Lecturer at UC Berkeley School of Information, and a member of the External Advisory Committee for the Center of Long-Term Cybersecurity at UC Berkeley. She holds a doctoral degree in technology law (J.S.D) from UC Berkeley School of Law and graduated summa cum laude three prior degrees in law and business. Her work on security policy and technology law has been featured at top conferences such as RSA, Black Hat and USENIX Security, published in leading academic journals and featured in popular press, including The New York Times, The Washington Post and Wall Street Journal.