The importance of Vulnerability Disclosure for businesses

A senior member of the security team for the NHS Covid-19 app recently shared how having a defence process in place had averted a cyber crisis for the app and meant a QR code login bug could be fixed quickly.

It was discovered that users of the Covid app were able to check in to a venue using a QR code poster that was not generated by the NHS service.

In his blog for the National Cyber Security Centre, Stuart H shares how having a Vulnerability Disclosure Programme had enabled developers to quickly create a patch to fix this problem, which you can read about here:

Though most small businesses will not have in-house developers like the Covid-19 app team, this story highlights the importance of having a back-up plan in place. Would you know exactly what to do if you or one of your customers discovered a bug in your app or website?

The NCSC has a Vulnerability Disclosure Toolkit to help organisations prepare their plan of action. This is suitable for businesses of all sizes to increase their resilience against as potential future attack:

As a member of the NEBRC, you will have contact with local cyber security officers who can help you strengthen your processes. Learn about joining us here: