Mitre-backed cyber vulnerability program to lose funding
a year ago
- #cybersecurity
- #funding-cuts
- #critical-infrastructure
- MITRE's Common Vulnerabilities and Exposures (CVE) Program, a global standard for vulnerability identification, will lose U.S. government funding on Wednesday.
- The CVE Program, operational since 1999, provides a standardized framework for cataloging cybersecurity vulnerabilities, assigning unique identifiers to each.
- Funding for related programs like the Common Weakness Enumeration will also expire, impacting national vulnerability databases and critical infrastructure.
- The program has cataloged nearly 275,000 records and is crucial for security researchers, vendors, and government agencies.
- The funding lapse has been criticized as reckless, potentially undermining global cybersecurity and benefiting malicious actors.
- CISA, a primary sponsor of the CVE Program, is working to mitigate impacts and maintain services.
- The funding loss coincides with challenges at the National Institute of Standards and Technology in managing its National Vulnerability Database.