Save to My Lists Export Return to Browse
     
Limit search to available items
Previous Record Next Record
  Permalink    
Book Cover
E-book
Author Scott, Stewart, author

Title Dragon tails : preserving international cybersecurity research / Stewart Scott, Sara Ann Bracket, Yumi Gambrill, Emmeline Nettles, and Trey Herr
Published Washington, DC : Atlantic Council, 2022
©2022
Click on the following:
JSTOR Security
JSTOR Security

Copies

Description 1 online resource (38 pages) : color illustrations
Summary Cybersecurity, writ large, benefits enormously from an international community of researchers, hackers, and bug hunters. They find and disclose critical vulnerabilities, often responsibly, while working outside affected vendors or codebases. Yet, the policy debates that shape the legal environment around vulnerability disclosure often fail to consider cybersecurity as a function of both the supply of vulnerability research and the health of those research communities. This paper analyzes a series of Chinese regulatory changes altering vulnerability disclosure practices to assess their impact on the supply of research from China's significantly productive community. The paper examines disclosure data from a mix of proprietary and open-source codebases, looking across vendor and software types with a simple time-series analysis to look for the impact of recent Chinese regulations. The study of this data revealed that while national regulations do indeed affect the supply of vulnerability research under some circumstances, the effect is not as large, consistent, or discernible as might first be expected. The prospect of copycat regulations, however, motivates concluding policy recommendations focused on strengthening the health of the global vulnerability-research community and lowering barriers-to-entry for both research and disclosure
Bibliography Includes bibliographical references
Notes Online resource; title from PDF title page (Atlantic Council, viewed September 19, 2022)
Subject Disclosure of information -- Government policy -- China
Disclosure of information -- Law and legislation -- Evaluation
Computer networks -- Security measures.
Computer networks -- Security measures
Disclosure of information -- Government policy
China
Form Electronic book
Author Bracket, Sara Ann, author
Gambrill, Yumi, author
Nettles, Emmeline, author
Herr, Trey, author
Atlantic Council of the United States, publisher.
Cyber Statecraft Initiative
Digital Forensic Research Lab
ISBN 9781619772472
1619772477
Other Titles Preserving international cybersecurity research
  Permalink