- VRI will supplement NCSC’s current vulnerability research effort
- It is tasked with communicating NCSC’s needs with external experts
- The goal is to understand deficiencies, patches and research methodology
The United Kingdom’s National Cyber Security Center (NCSC) has announced the Forming of the SUSTABILITY Research Initiative (VRI), a new program that will see the collaboration with third-party cybersecurity experts for vulnerability research in commodity and specialized tech.
NCSC said it is currently operating a team of internal researchers who are experts in ordinary technologies and who perform vulnerability research (VR) on a number of technologies and products, from traditional product tech, to specialized solutions used only a few places.
However, the team is unable to keep up with the speed in which the technology industry is changing. New technique emerges every day, and Old Tech develops beyond recognition, “and thus VR becomes more difficult”.
Understand the vulnerabilities
“This means that the NCSC demand after VR continues to grow,” NCSC explained.
To tackle the challenge, it decided to create VRI and bring in third -party assistance. The goal of the program is to help NCSC’s researchers understand the vulnerabilities present in today’s technologies, the necessary mitigation, how experts carry out their research and what tools they use in the process.
“This successful way of working increases NCSC’s capacity to perform VR and shares VR expertise throughout the United Kingdom’s VR ecosystem,” the press release further states.
The VRI core team will include technical experts, relationship leaders and project managers, where the core team is responsible for communicating the VR team’s requirements for VRI industry partners and to oversee the research and the results of the research.
In the (near) future, NCSC will bring in several experts to tackle the AI-drive or otherwise AI-related vulnerabilities. Those who are interested in participating in VRI must reach the agency via e -mail at [email protected]. The address should not be used to share vulnerability reports.
Via Bleeping computer
