CISA Announces Renewed Funding Contract for MITRE-Backed Program, CVE Board Launch the CVE Foundation
Published
- The CVE Program will be taken forward with the newly established CVE Foundation
- Members of the CVE Board came together to launch the body for the continued maintenance of Common Vulnerabilities and Exposures
- CISA also declared that it will fund the MITRE-backed Common Vulnerabilities and Exposures Program
After the announcement of the expiration of the U.S. government funding to the MITRE corporation sent shockwaves across the security industry, CISA stepped up with a reassuring update. At the same time, the CVE board declared the establishment of a new foundation.
The American cyber defense agency CISA jumped to action and responded to the urgent call of cyber defenders. They announced that the U.S. government will extend the contract to fund the Common Vulnerability and Exposure (CVE) program so it thrives and functions as usual.
This comes with the news of the start of the “CVE Foundation,” launched to secure the future of the CVE program.
Established today, the CVE Foundation published a report that addressed the long standing concerns among the board members about the sustainability of the resource which relied on a single government sponsor.
“In response, a coalition of longtime, active CVE Board members have spent the past year developing a strategy to transition CVE to a dedicated, non-profit foundation,” mentioning their stand on the dangers looming over the project.
Kent Landfield, an officer of the CVE Foundation stated, “CVE, as a cornerstone of the global cybersecurity ecosystem, is too important to be vulnerable itself.”
The board members are determined to eliminate risks and sustain as an organization catering to cybersecurity professionals worldwide and offering a complete and comprehensive resource for vulnerability management.
Industry experts commented about funding being the need of the hour for the CVE program. Saeed Abbasi, Manager, vulnerability research at Qualys threat research unit shared, "These public databases offer the cybersecurity community a common language for risk and an unprecedented level of cohesiveness and clarity."
Darren Guccione, CEO and Co-Founder at Keeper Security stated, "Focus on critical cybersecurity programs should be prioritized now, more than ever, in the face of growing threats from malicious nation-states and cybercriminals. The CVE funding scare comes at a time when cyber threats are growing in both volume and sophistication. Now is the time for our government to invest in cybersecurity programs and solutions that increase our nation’s readiness and resilience."
More information about the functioning, structure, transitions and opportunities will be released by them in the future.
This story has been updated with expert comments on the CVE management program.
Related
Most Popular
Most Popular