{"id":1019,"date":"2016-10-25T12:36:52","date_gmt":"2016-10-25T20:36:52","guid":{"rendered":"https:\/\/blog.mozilla.org\/netpolicy\/?p=1019"},"modified":"2016-10-25T12:36:52","modified_gmt":"2016-10-25T20:36:52","slug":"mozilla-asks-president-obama-to-help-strengthen-cybersecurity","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/","title":{"rendered":"Mozilla Asks President Obama to Help Strengthen Cybersecurity"},"content":{"rendered":"<p>Last week\u2019s <a href=\"http:\/\/www.reuters.com\/article\/us-usa-cyber-idUSKCN12L1ME\">cyber attack on Dyn<\/a> that blocked access to popular websites like Amazon, Spotify, and Twitter is the latest example of the increasing threats to Internet security, making it more important that we acknowledge cybersecurity is a <a href=\"https:\/\/blog.mozilla.org\/blog\/2016\/09\/13\/cybersecurity-is-a-shared-responsibility\/\">shared responsibility<\/a>. Governments, companies, and users all need to work together to protect Internet security.<\/p>\n<p>This is why Mozilla applauds Sens. Angus King Jr. (I-ME) and Martin Heinrich (D-NM) for calling on President Obama to establish enduring government-wide policies for the discovery, review, and sharing of security vulnerabilities. They suggest creating bug bounty programs and formalizing the Vulnerabilities Equities Process (VEP) &#8211; the government\u2019s process for reviewing and coordinating the disclosure of vulnerabilities that it learns about or creates.<\/p>\n<p><i>\u201cThe recent intrusions into United States networks and the controversy surrounding the Federal Bureau of Investigation\u2019s efforts to access the iPhone used in the San Bernardino attacks have underscored for us the need to establish more robust and accountable policies regarding security vulnerabilities,\u201d Senators King and Heinrich wrote in their <\/i><a href=\"http:\/\/www.king.senate.gov\/newsroom\/press-releases\/king-heinrich-urge-president-to-strengthen-cybersecurity-networks\"><i>letter<\/i><\/a><i>. <\/i><\/p>\n<p>Mozilla prioritizes the privacy and security of users and we work to find and fix vulnerabilities in Firefox as quickly as possible. We created one of the first <a href=\"https:\/\/www.mozilla.org\/en-US\/security\/bug-bounty\/\">bug bounty programs<\/a> more than 10 years ago to encourage security researchers to report security vulnerabilities.<\/p>\n<p>Mozilla has also called for five specific, important <a href=\"https:\/\/blog.mozilla.org\/netpolicy\/2016\/09\/19\/improving-government-disclosure-of-security-vulnerabilities\/\">reforms to the VEP<\/a>:<\/p>\n<ul>\n<li>All security vulnerabilities should go through the VEP and there should be public timelines for reviewing decisions to delay disclosure.<\/li>\n<li>All relevant federal agencies involved in the VEP must work together to evaluate a standard set of criteria to ensure all relevant risks and interests are considered.<\/li>\n<li>Independent oversight and transparency into the processes and procedures of the VEP must be created.<\/li>\n<li>The VEP Executive Secretariat should live within the Department of Homeland Security because they have built up significant expertise, infrastructure, and trust through existing coordinated vulnerability disclosure programs (for example, US CERT).<\/li>\n<li>The VEP should be codified in law to ensure compliance and permanence.<\/li>\n<\/ul>\n<p>These changes to the discovery, review, and sharing of security vulnerabilities would be a great start to strengthening the shared responsibility of cybersecurity and reducing the countless cyber attacks we see today.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Last week\u2019s cyber attack on Dyn that blocked access to popular websites like Amazon, Spotify, and Twitter is the latest example of the increasing threats to Internet security, making it &hellip; <a class=\"go\" href=\"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/\">Read more<\/a><\/p>\n","protected":false},"author":1273,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[283198,847,69,141519,10136,46877],"tags":[],"coauthors":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Mozilla Asks President Obama to Help Strengthen Cybersecurity - Open Policy &amp; Advocacy<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Heather West\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/\",\"url\":\"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/\",\"name\":\"Mozilla Asks President Obama to Help Strengthen Cybersecurity - Open Policy &amp; Advocacy\",\"isPartOf\":{\"@id\":\"https:\/\/blog.mozilla.org\/netpolicy\/#website\"},\"datePublished\":\"2016-10-25T20:36:52+00:00\",\"dateModified\":\"2016-10-25T20:36:52+00:00\",\"author\":{\"@id\":\"https:\/\/blog.mozilla.org\/netpolicy\/#\/schema\/person\/fdff0d5bb50c4a81e2743d7f91775d40\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.mozilla.org\/netpolicy\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mozilla Asks President Obama to Help Strengthen Cybersecurity\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.mozilla.org\/netpolicy\/#website\",\"url\":\"https:\/\/blog.mozilla.org\/netpolicy\/\",\"name\":\"Open Policy &amp; Advocacy\",\"description\":\"Mozilla&#039;s official blog on open Internet policy initiatives and developments\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.mozilla.org\/netpolicy\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.mozilla.org\/netpolicy\/#\/schema\/person\/fdff0d5bb50c4a81e2743d7f91775d40\",\"name\":\"Heather West\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.mozilla.org\/netpolicy\/#\/schema\/person\/image\/473697387e4dd4394de2baac8badd43c\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/1cc029c6538a1898f71b01b401691323?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/1cc029c6538a1898f71b01b401691323?s=96&d=mm&r=g\",\"caption\":\"Heather West\"},\"description\":\"Heather works on security, cybersecurity, data governance, and privacy in the digital age at Mozilla, maker of the Firefox browser. At the intersection of public policy and technology, she is part policy-to-tech translator, part product consultant, and part long-term Internet strategist. She works with stakeholders and policymakers in DC as well as global product and policy teams and was recognized as one of the 2014 Forbes 30 Under 30 in Law and Policy. She helped found the public policy team at CloudFlare, a website performance and security company, served as global and Federal privacy and security issue expert on Google\u2019s public policy team, and started her career working on government technology, privacy, and identity management at the public interest group Center for Democracy and Technology. She holds a B.A. in Computer Science and Cognitive Science from Wellesley College with concentrations in philosophy and legal studies, and is a Certified Information Privacy Professional (CIPP\/US). She is also recognized as a Christian Science Monitor Passcode Influencer.\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Mozilla Asks President Obama to Help Strengthen Cybersecurity - Open Policy &amp; Advocacy","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/","twitter_misc":{"Written by":"Heather West","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/","url":"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/","name":"Mozilla Asks President Obama to Help Strengthen Cybersecurity - Open Policy &amp; Advocacy","isPartOf":{"@id":"https:\/\/blog.mozilla.org\/netpolicy\/#website"},"datePublished":"2016-10-25T20:36:52+00:00","dateModified":"2016-10-25T20:36:52+00:00","author":{"@id":"https:\/\/blog.mozilla.org\/netpolicy\/#\/schema\/person\/fdff0d5bb50c4a81e2743d7f91775d40"},"breadcrumb":{"@id":"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.mozilla.org\/netpolicy\/2016\/10\/25\/mozilla-asks-president-obama-to-help-strengthen-cybersecurity\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.mozilla.org\/netpolicy\/"},{"@type":"ListItem","position":2,"name":"Mozilla Asks President Obama to Help Strengthen Cybersecurity"}]},{"@type":"WebSite","@id":"https:\/\/blog.mozilla.org\/netpolicy\/#website","url":"https:\/\/blog.mozilla.org\/netpolicy\/","name":"Open Policy &amp; Advocacy","description":"Mozilla&#039;s official blog on open Internet policy initiatives and developments","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.mozilla.org\/netpolicy\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.mozilla.org\/netpolicy\/#\/schema\/person\/fdff0d5bb50c4a81e2743d7f91775d40","name":"Heather West","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.mozilla.org\/netpolicy\/#\/schema\/person\/image\/473697387e4dd4394de2baac8badd43c","url":"https:\/\/secure.gravatar.com\/avatar\/1cc029c6538a1898f71b01b401691323?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1cc029c6538a1898f71b01b401691323?s=96&d=mm&r=g","caption":"Heather West"},"description":"Heather works on security, cybersecurity, data governance, and privacy in the digital age at Mozilla, maker of the Firefox browser. At the intersection of public policy and technology, she is part policy-to-tech translator, part product consultant, and part long-term Internet strategist. She works with stakeholders and policymakers in DC as well as global product and policy teams and was recognized as one of the 2014 Forbes 30 Under 30 in Law and Policy. She helped found the public policy team at CloudFlare, a website performance and security company, served as global and Federal privacy and security issue expert on Google\u2019s public policy team, and started her career working on government technology, privacy, and identity management at the public interest group Center for Democracy and Technology. She holds a B.A. in Computer Science and Cognitive Science from Wellesley College with concentrations in philosophy and legal studies, and is a Certified Information Privacy Professional (CIPP\/US). She is also recognized as a Christian Science Monitor Passcode Influencer."}]}},"_links":{"self":[{"href":"https:\/\/blog.mozilla.org\/netpolicy\/wp-json\/wp\/v2\/posts\/1019"}],"collection":[{"href":"https:\/\/blog.mozilla.org\/netpolicy\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mozilla.org\/netpolicy\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/netpolicy\/wp-json\/wp\/v2\/users\/1273"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/netpolicy\/wp-json\/wp\/v2\/comments?post=1019"}],"version-history":[{"count":0,"href":"https:\/\/blog.mozilla.org\/netpolicy\/wp-json\/wp\/v2\/posts\/1019\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mozilla.org\/netpolicy\/wp-json\/wp\/v2\/media?parent=1019"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mozilla.org\/netpolicy\/wp-json\/wp\/v2\/categories?post=1019"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mozilla.org\/netpolicy\/wp-json\/wp\/v2\/tags?post=1019"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.mozilla.org\/netpolicy\/wp-json\/wp\/v2\/coauthors?post=1019"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}