000 | 01700cam a2200157 4500 | ||
---|---|---|---|
100 | 1 | _aLEAL Marcelo M. | |
700 | _aMUSGRAVE Paul M. | ||
245 |
_aBackwards from zero: how the U.S public evaluates the use of zero-day vulnerabilities in cybersecurity/ _cMarcelo M. Leal and Paul Musgrave |
||
260 | _c2023 | ||
520 | _aZero-day vulnerabilities are software and hardware flaws that are unknown to computer vendors. As powerful means of carrying out cyber intrusions, such vulnerabilities present a dilemma for governments. Actors that develop or procure such vulnerabilities may retain them for future use; alternatively, agencies possessing such vulnerabilities may disclose the flaws to affected vendors so they can be patched, thereby denying vulnerabilities not only to adversaries but also themselves. Previous research has explored the ethics and implications of this dilemma, but no study has investigated public opinion regarding zero-day exploits. We present results from a survey experiment testing whether conditions identified as important in the literature influence respondents' support for disclosing or stockpiling zero-day vulnerabilities. Our results show that respondents overwhelmingly support disclosure, a conclusion only weakly affected by the likelihood that an adversary will independently discover the vulnerability. Our findings suggest a gap between public preferences and current U.S. policy. | ||
650 | _aCYBERSECURITY POLICY | ||
773 |
_aContemporary Security Policy: _gVol 44, No 3, July 2023, pp437-461 |
||
598 | _aCYBERSEC | ||
856 |
_uhttps://www.tandfonline.com/doi/full/10.1080/13523260.2023.2216112 _zclick here for full text |
||
945 |
_i70177-1001 _rY _sY |
||
999 |
_c43247 _d43247 |