Please login or sign up to post and edit reviews.
China’s Approach to Software Vulnerabilities Reporting
Media Type |
audio
Categories Via RSS |
Government
History
News
Politics
Publication Date |
Oct 19, 2023
Episode Duration |
00:45:11

In July 2021, the Chinese government published its “Regulations on the Management of Network Product Security Vulnerabilities.” These rules require researchers to inform the government of all flaws in code within 48 hours of their discovery, effectively supporting efforts to stockpile software vulnerabilities, which can then be used for offensive cyber operations.

Lawfare Fellow in Technology Policy and Law Eugenia Lostri sat down with two guests who recently authored a report on how China manages software vulnerabilities. Dakota Cary is a nonresident fellow at the Atlantic Council’s Global China Hub and a consultant at Krebs Stamos Group. Kristin del Rosso is a public sector field CTO at IT security company Sophos. They talked about how companies have adjusted to China’s rules, how their system compares to the U.S. voluntary approach, and the incentives to collect vulnerabilities for offensive operations. 

Support this show http://supporter.acast.com/lawfare.


Hosted on Acast. See acast.com/privacy for more information.

This episode currently has no reviews.

Submit Review
This episode could use a review!

This episode could use a review! Have anything to say about it? Share your thoughts using the button below.

Submit Review