The Department of Commerce’s vulnerability disclosure program (VDP), designed to protect its public-facing information technology systems, has been deemed “not fully effective” according to a recent audit conducted by the department’s Office of Inspector General (OIG). The audit highlights several shortcomings in the department’s approach to vulnerability disclosure and remediation.
First seen on thecyberexpress.com
Jump to article: thecyberexpress.com/vdp-oig-audit-cybersecurity/
