12 May 2016: Launch Manifesto on Coordinated Vulnerability Disclosure

Twentynine organizations signed the Coordinated Vulnerability Disclosure Manifesto during the EU High Level Meeting on Cyber Security on 12 May 2016 in Amsterdam. In this manifesto they announce public reporting mechanisms on vulnerabilities in their ICT systems and call upon other organizations to do the same.

Representatives of organisations who signed the Manifesto at the EU High Level Meeting on Cyber Security on 12 May 2016 in Amsterdam.

The Manifesto was initiated by Rabobank and CIO Platform Nederland in coordination with the Dutch National Cybersecurity Centre in the context of the Dutch chairmanship of the EU. The Manifesto is signed by major organizations in the field of transport, healthcare, energy and has been embraced by the GFCE initiative on Responsible Disclosure as global best practice.

Engaging with hacker and research community

Over recent years the importance of ICT and the role it plays in our daily lives has grown exponential. With it, our dependence on ICT and potential negative consequences of vulnerabilities in our ICT-systems are growing as well. Signatories of the manifesto acknowledge the importance to engage researchers and the hacker community in reporting of vulnerabilities in their systems, so weaknesses can be detected and fixed in an early stage. The manifesto aims to make all parties more aware of the importance of cooperation, to improve cybersecurity for everyone.

Sign the Manifesto!

The manifesto is accommodated in the GFCE initiative on Responsible Disclosure to increase the number of signatories globally. Public and private organizations globally are invited to become a signatory to the Manifesto. Signatories to the Manifesto do not have to be member to the GFCE.

The Manifesto, more background information and most frequently asked questions and answers are available at the webpage of the Responsible Disclosure initiative.

List of signatories

Among the 29 signatories are major organizations in the field of transport, healthcare, energy and banking:

  • ABN Amro
  • CIO Platform Nederland
  • CIO forum Belgian Business
  • Coöperatie SURF U.A.
  • Corbion Group Netherlands
  • Eneco
  • European Network for Cyber Security
  • Honeywell
  • IHC Merwede
  • ING
  • KPN
  • LUMC
  • Nederlandse Gasunie
  • NS
  • NUON
  • NXP
  • Palo Alto Networks
  • Phillips
  • Pon
  • PostNL
  • Rabobank
  • SAAB
  • Schuberg Phillis
  • SNS Bank
  • Stedin
  • Tennet
  • TNO
  • Vodafone
  • VOICE