Global S&T Development Trend Analysis Platform of Resources and Environment
DOI | 10.1787/0e2615ba-en |
Encouraging vulnerability treatment | |
OECD | |
2021-02-11 | |
出版年 | 2021 |
国家 | 国际 |
领域 | 气候变化 ; 资源环境 ; 地球科学 |
英文摘要 | Most digital security incidents are caused by malicious actors (e.g. cybercriminals and state-sponsored groups) exploiting vulnerabilities in organisations’ digital ecosystems. Addressing vulnerabilities before attackers take advantage of them is an effective means of reducing the probability of cybersecurity incidents. This paper discusses vulnerabilities in products’ code such as software and firmware, and in how products are implemented in information systems. It shows that the technical community has progressed in developing good practice for treating vulnerabilities, including through co-ordinated vulnerability disclosure (CVD). However, significant economic and social challenges prevent stakeholders from adopting good practice, such as legal frameworks that do not sufficiently protect “ethical hackers” from legal proceedings. The paper stresses that public policies aimed at removing obstacles and encouraging vulnerability treatment could significantly reduce digital security risk for all. The findings from this paper will inform the development of a new OECD Recommendation in this area. |
URL | 查看原文 |
来源平台 | OECD iLibrary |
引用统计 | |
文献类型 | 科技报告 |
条目标识符 | http://119.78.100.173/C666/handle/2XK7JSWQ/314304 |
专题 | 气候变化 地球科学 资源环境科学 |
推荐引用方式 GB/T 7714 | OECD. Encouraging vulnerability treatment,2021. |
条目包含的文件 | 条目无相关文件。 |
个性服务 |
推荐该条目 |
保存到收藏夹 |
查看访问统计 |
导出为Endnote文件 |
谷歌学术 |
谷歌学术中相似的文章 |
[OECD]的文章 |
百度学术 |
百度学术中相似的文章 |
[OECD]的文章 |
必应学术 |
必应学术中相似的文章 |
[OECD]的文章 |
相关权益政策 |
暂无数据 |
收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论