Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

UK Considers Voluntary Software Disclosure

January 25, 2024
Reading Time: 3 mins read
in News

The U.K. government is contemplating the implementation of voluntary rules urging software vendors to responsibly disclose vulnerabilities in their systems. This initiative follows criticisms over the government’s management of legacy infrastructure. Respondents to a call for comments emphasized the need for government intervention to encourage software vendors to disclose vulnerability details promptly. The report revealed concerns about the systemic risk from vulnerabilities and malware in open-source software components and suggested that government guidance on vulnerability disclosure, a software bill of materials, certifications, and regulations could enhance transparency and cybersecurity.

Approximately 200 stakeholders participated in the call for comments, with respondents highlighting the fear of penalization and reputational damage as deterrents for businesses in reporting software vulnerabilities. The report emphasized that 80% of respondents agreed that more efforts should be made to ensure organizations disclose information quickly to prevent the spread of infection. Challenges associated with software security include risks from open-source software components, difficulties in obtaining adequate funding during the development cycle, and the use of unmonitored third-party open-source libraries. The U.K. government plans to publish voluntary practices for vendors, building on existing standards, to establish baseline expectations for software security.

The respondents recommended government guidance on a software bill of materials, certifications for software vendors and developers, and regulations mandating minimum standards of transparency. The proposed voluntary rules aim to improve the country’s cyber resiliency by setting baseline expectations for software security. The U.K. Department for Science, Innovation, and Technology led the consultation, and the government’s efforts to enhance cyber resiliency come amid pressure to address issues with legacy infrastructure in public offices. The release date for the software vulnerability management rules is unclear, but the government plans to involve software vendors, users, and agencies in developing cybersecurity guardrails and procurement processes.

 

Reference:
  • Government response to the call for views on software resilience and security for businesses and organisations

 

Tags: Cyber NewsCyber News 2024CybersecurityGovernmentJanuary 2024United KingdomVulnerabilities
ADVERTISEMENT

Related Posts

Smishing targets routers in Belgium 2025

Google Drive Gains AI Ransomware Guard

October 2, 2025
Smishing targets routers in Belgium 2025

Descope Raises 35M In Seed Extension

October 2, 2025
Smishing targets routers in Belgium 2025

Sendit Sued By FTC Over Kids Data

October 2, 2025
Microsoft Sentinel Unveils AI SIEM

Scattered Spider And ShinyHunters Shift

October 2, 2025
Microsoft Sentinel Unveils AI SIEM

UK Convicts Chinese Crypto Fraudster

October 1, 2025
Microsoft Sentinel Unveils AI SIEM

Microsoft Sentinel Unveils AI SIEM

October 1, 2025

Latest Alerts

Outlook Bug Causes Repeated Crashes

Smishing targets routers in Belgium 2025

MatrixPDF Toolkit Turns PDFs Into Lures

Tesla Fixes TCU Bug With USB Risk

Apple Pushes iPhone and Mac Updates

EvilAI Malware Posing As AI Tools

Subscribe to our newsletter

    Latest Incidents

    Allianz Life July Breach Hits 1.5M

    Dealership Software Breach Hits 766k

    Suffolk Website Down After Cyber-Attack

    WestJet Confirms Data Breach

    Ransomware Gang Recruits Reporter

    US Surveillance Hack Exposes Data

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial