According  to  The  White  House,  “[Trump]  promised  to  strengthen  America’s
               cybersecurity  capabilities  and  secure America from  cyber threats. The  release  of this
               Charter and adherence to the rigor it demands follows through on that commitment to
               the American people.”

















































               It’s worth repeating that the VEP isn’t new. The policies of the Trump administration with
               regards to vulnerability disclosure are no different from the previous administration. VEP
               is just a rehash of previous policies and councils that were in place to appease public
               perception  on  government-curated  vulnerabilities—it  does  nothing  to  strengthen
               cybersecurity.

               The fact of the matter is, the White House’s move to release the VEP validates what the
               industry has been concerned about all along. There are a number of loop holes and a
               lack  of  industry  oversight,  both  of  which  are  troublesome.  Let’s  start  with  the  lack  of
               industry oversight. In its press release, the White House claims that the VEP represents
               the interests of “commercial equities; and international partnership equities.” However,



                   68    Cyber Defense eMagazine – December 2017 Edition
                         Copyright © 2017, Cyber Defense Magazine,  All rights reserved worldwide.