To hope to get a handle on risk, you need to understand both the process involved, and known or predicted measures of risk. To lead some useful management approach. That's also a key element of transparency.
Customers Deserve Transparency to Manage Risk By Anthony Grieco in Cisco Blog Contributors: Russ Smoak
Our commitment to customers is to be open and transparent, especially as it relates to issues that could negatively impact their business. At Cisco, our leadership made the decision over twenty years ago that we would clearly communicate with customers about technical or other issues that could potentially expose their organizations to risk. It is one of the many ways we act as a trusted partner to our customers. Over those last twenty years, our team and security vulnerability process has evolved to meet customers’ needs. Ultimately, we want our customers to have the information they need to protect their networks.
We get called out from time to time about vulnerability disclosures we make. Yet… our policy remains unchanged: when security issues arise, we handle them openly and as a matter of top priority, so our customers understand the issue and how to address it. To fulfill this promise we follow a strict process to manage the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco solutions and networks.
With that in mind, we’d like to address some of the most common questions and misconceptions we hear from our customers and the media about our vulnerability disclosure process.
What is a vulnerability and how are they identified? .... "
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment