A good example are the recent PrintNightmare vulnerabilities we informed you about. Over the weekend, immediately after the announcement, we performed a technical analysis on the vulnerability in order to gain insight into the risk, the impact for our customers and the attack vectors. Based on the technical analysis, we determined the next steps. This structured approach is a permanent part of our way of working and culture: always perform an analysis first, involve all relevant stakeholders and only then determine the next steps. This way, we can make sure we have a well-considered approach to the vulnerabilities and possible risks, whereby the confidentiality of your data is key.
Of course, this is not only up to us, but it is a joint effort. We can learn from each other, join forces and discuss how we can work together on this. Security, privacy and compliance is a broader issue, which we are already discussing with various business partners and would also like to discuss with you. We do not have a monopoly on wisdom and would also like to hear your insights in order to develop an integrated security policy.