Dive Brief:
-
Mozilla wants the US government to establish better policies to share information about cybersecurity threats.
-
Mozilla, the maker of open-source web browser Firefox, also praised Sens. Angus King Jr. (I-ME) and Martin Heinrich (D-NM) for a letter they recently penned to President Obama asking him to formalize the Vulnerabilities Equities Process (VEP).
-
VEP is the process the federal government uses to review and communicate about cyber vulnerabilities it discovers.
Dive Insight:
Mozilla wants the White House to establish formal, government-wide policies around the sharing of security vulnerabilities. The push comes in response to the massive DDoS attack against DNS provider Dyn last week, which disrupted service for many users trying to reach Twitter, Etsy, Github, Spotify, Reddit, Netflix and SoundCloud, among others.
Mozilla specifically wants the Obama administration to make five reforms to the VEP, including requiring agencies involved in the VEP to work together to “evaluate a standard set of criteria to ensure all relevant risks and interests are considered,” according to the company’s blog, and formalizing VEP in law to “ensure compliance and permanence.”
