Mission Statement

The Center for Cybersecurity Policy and Law is a nonprofit (501(c)(6) organization that develops, advances, and promotes best practices and educational opportunities among cybersecurity professionals. The Center provides a forum for thought leadership for the benefit of those in the industry including members of civil society and government entities in the area of cybersecurity and related technology policy. The Center seeks to leverage the experience of leaders in the field to ensure a robust marketplace for cybersecurity technologies that will encourage professionals, companies, and groups of all sizes to take steps to improve their cybersecurity practices.

Featured Initiative

Vulnerability management Coalition

Software and hardware vulnerabilities continue to be one of the major areas of focus within organizational cybersecurity risk management programs. Addressing these challenges has multiple facets, many of which fall outside of any organizations ability to directly address them at scale. The complex web of standards, databases, law, and regulation has required the establishment of multiple organizations responsible for governance, promulgation, and delivery of critical vulnerability information on which nearly all organizations depend. Historically, consumers of vulnerability information have been largely underrepresented in these governing bodies, leaving critical decisions in the hands of stakeholders that lack the complete picture of how their decisions impact the day-to-day management of vulnerability risk for those that depend on what they are doing. The Vulnerability Management initiative will address the needs of a wide range of stakeholders across all sectors with the goal of ensuring that vulnerability management continues to evolve in ways that benefit all.

On September 13, the Coalition hosted its kickoff Vulnerability Management Workshop featuring speakers from across the spectrum who shared their thoughts on these important issues and discussed how stakeholders could most effectively engage to ensure that vulnerability-related policies and standards are rational and effective.

More information coming soon!