Papers
Topics
Authors
Recent
Search
2000 character limit reached

Vulnerability Coordination Under the Cyber Resilience Act

Published 9 Dec 2024 in cs.CR, cs.CY, and cs.SE | (2412.06261v2)

Abstract: A new Cyber Resilience Act (CRA) was recently agreed upon in the European Union (EU). It imposes many new cyber security requirements practically to all information technology products, whether hardware or software. The paper examines and elaborates the CRA's new requirements for vulnerability coordination, including vulnerability disclosure. Although these requirements are only a part of the CRA's obligations for vendors, also some new vulnerability coordination mandates are present, including particularly with respect to so-called actively exploited vulnerabilities. The CRA further alters the coordination practices on the side of public administrations. With the examination, elaboration, and associated discussion, the paper contributes to the study of cyber security regulations, providing also a few practical takeaways.

Citations (1)
View on Semantic Scholar

Summary

No one has generated a summary of this paper yet.

Sign Up to Summarize

Paper to Video (Beta)

No one has generated a video about this paper yet.

Sign Up to Generate All Videos Subscribe on YouTube

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Sign Up to Generate

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Generate Now

Continue Learning

We haven't generated follow-up questions for this paper yet.

Generate Now

Authors (2)

  1. Jukka Ruohonen 
  2. Paul Timmers 

Collections

Sign up for free to add this paper to one or more collections.

Sign Up