The nation’s top voting equipment vendors reportedly are issuing a request for information (RFI) this week on building a vulnerability disclosure program (VDP) to bolster election security.

Noting vulnerability disclosure is critical to finding and fixing software bugs, Casey Ellis, CTO and founder of Bugcrowd, said, “In a climate where most voters share the concern about cyber-interference with the election process, but very few know what that actually means, a clear and decisive move toward transparency by the vendors addresses the bigger vulnerability that’s in play here: Confidence in the democratic process itself.”

"On Election Day, every voter must have confidence in the vote – “and it’s good to see this priority informing decisions being made by the vendors,” said Ellis. “My strong recommendation to election software vendors is to adopt a public vulnerability disclosure program (VDP), and not just engage a vetted group of individuals to find these issues.” 

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.