Ari Schwartz, Venable's Managing Director of Cybersecurity Services, was quoted in a May 22, 2017, Politico article on new legislation proposing changes to the Vulnerabilities Equities Process (VEP). The proposed bill establishes and overhauls the government's procedures for disclosing software vulnerabilities.
Schwartz said the bill's requirement that the Vulnerability Equities Review Board specify policies for when, whether, and how the government discloses vulnerabilities is immensely valuable. "Laying out the criteria alone is extremely helpful…Having the oversight, and laying out clear oversight is important." He added, "It'll be interesting to hear what the intelligence community has to say about it, in particular…It does give a lot of authority to DHS."