White House picks new chief to overlook cyber weapons group

The White House has a new leader of a largely secretive government group that decides whether software and hardware vulnerabilities should be withheld from the public to help the government conduct cyber operations.

Grand Schneider, the federal chief information security officer and senior director at the National Security Council, was named head of the Vulnerabilities Equities Process (VEP) board.

I hope they mean “overlook” in the sense of supervising and not in the sense of “to look upon with an evil eye”. Anyway, the article continues …

The group determines if the government should withhold so-called zero day flaws, which are previously undiscovered security bugs that have not yet been patched. The government uses the board to decide which flaws it can use to conduct surveillance — or to disclose to the public.

But, in withholding the flaws for cyber-operations, companies and citizens can be left vulnerable if the vulnerabilities are discovered by others.

For me the question comes down to who will be damaged more by the vulnerabilities. More often than not business and western liberal democracies are at greater risk, so the US government potentially damages those they are meant to protect.

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Learn More)