Election Systems & Software Unveils Vulnerability Disclosure Policy; Chris Wlaschin Quoted

Chris Wlaschin
Chris Wlaschin

Election Systems & Software, an Omaha, Neb.-based voting equipment maker, announced a vulnerability disclosure policy that will allow security researchers to look for software bugs in the company’s corporate networks and public-facing websites, CyberScoop reported Wednesday.

The new policy announced at the virtual Black Hat conference will provide ES&S 90 days to address the cyber vulnerabilities before security researchers can publicly report those issues.

“Hackers are going to hack, researchers are going to research, whether or not there’s a policy in place,” Chris Wlaschin, vice president of systems security at ES&S, told the publication. “We think it’s important to have that safe harbor language out there to set expectations.”

The Wall Street Journal reported other voting machine vendors are becoming more open to scrutiny of their systems by security researchers. Denver-based Dominion Voting Systems intends to issue a vulnerability disclosure policy in the coming weeks. Austin, Texas-based Hart InterCivic said it has broadened its vulnerability reporting and testing efforts in the past year.

Check Also

Bill Beard SVP Vertex Aerospace

Bill Beard Promoted to Corporate Operations & Strategy SVP at Vertex Aerospace

Bill Beard, former interim senior vice president of corporate business operations and development at Vertex Aerospace, has been promoted to SVP of corporate operations and strategy.


Carahsoft, GitLab Partner to Offer Agencies DevSecOps Platform via AWS Marketplace

Carahsoft Technology has agreed to offer GitLab's suite of DevSecOps tools to government organizations through Amazon Web Services' cloud marketplace and helped launch a product and training package as part of the partnership


QTS Receives EPA Recognition for Energy Procurement Approach

QTS Realty Trust has won a Direct Project Engagement award from the Environmental Protection Agency for the data center services provider's practice of sourcing renewable electricity to power its operations.