Beta

Source: OJ L, 2024/1774, 25.6.2024

EN

Recital 13 Responsible vulnerability disclosure

To ensure timely and transparent communication of potential security threats that could impact the financial entity means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; and its stakeholders, financial entitiesas defined in Article 2, points (a) to (t) should establish procedures for the responsible disclosure of ICT vulnerabilities means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat; to clients, counterparts, and the public. When establishing those procedures, financial entitiesas defined in Article 2, points (a) to (t) should consider factors, including the severity of the vulnerability means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat;, the potential impact of such vulnerability means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat; on stakeholders, and the readiness of a fix or mitigation measures.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod