Too often discussions about vulnerability disclosure processes a framed in terms of binary choices: disclose / don’t disclose. We will discuss an alternate approach where governments assess “when” and “how” to disclose vulnerabilities to those who can fix instead of “whether” and “if”. This panel will also discuss why governments are hacking endpoints using vulnerabilities and why we need rules to govern those activities.

Eric Wenger, Director, Cybersecurity & Privacy Policy, Cisco
Angela McKay, Director, Cybersecurity Policy and Strategy, Microsoft
Ari Schwartz, Managing Director, Cybersecurity Services & Policy, Venable
Harley Geiger, Director, Public Policy, Rapid7

Room 301

Conference Materials



Harley Geiger
Harley Geiger

Senior Counsel & Advocacy Director
Center for Democracy & Technology

Angela McKay

Director, Cybersecurity Policy and Strategy

Ari Schwartz
Ari Schwartz

Managing Director of Cybersecurity Services
Venable LLP

Eric Wenger
Eric Wenger

Director Cybersecurity & Privacy Policy, Global Governmental Affairs
Cisco Systems