Netherlands offers guidelines to work with hactivists

[InfoSec News <alerts () infosecnews org>]

https://www.pcworld.com/article/2023787/netherlands-offers-guidelines-to-work-with-hactivists.html

By Loek Essers
PCWorld.com
Jan 6, 2013

The Dutch government's cyber security center has published guidelines 
that it hopes will encourage ethical hackers to disclose security 
vulnerabilities in a responsible way.

"Persons who report an IT vulnerability have an important social 
responsibility," the Dutch ministry of Security and Justice said on 
Thursday, announcing guidelines for ethical hacking that were published 
by the country's National Cyber Security Center (NCSC).

White-hat hackers and security researchers play an important role in 
securing IT systems by finding vulnerabilities, the NCSC said. However, 
the center maintained that security researchers are sometimes reluctant 
to disclose vulnerabilities to companies, instead using media outlets to 
announce vulnerabilities, which is an undesirable practice because it 
exposes a hole before it is fixed. (See also "'Audacious' Hactivists 
Make Social Statement, Scholar Says.")

With the guide, the government wants to provide organizations with a 
framework to create their own policies on responsible disclosure. Ivo 
Opstelten, Minister of Security and Justice, plans to encourage a wide 
use of the responsible disclosure guidelines within the government, he 
said in a letter sent to the parliament.

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org