"That's a great example of somebody we want to bring in closer into the fold, to say again, as a global community, how can we really take a better look - more holistic look - at CVEs and what it means for defenders worldwide?"
"There are lots of other stakeholders here, outside of exclusively the U.S.," added Andersen. "One of our key goals is to make sure that they feel like they got ownership, and they've got that seat at the table."
The Cybersecurity and Infrastructure Security Agency seeks to bring more international partners into oversight of the Common Vulnerabilities and Exposures (CVE) Program to strengthen global coordination on vulnerabilities. The CVE Program assigns unique identifiers to publicly known software flaws to standardize communications among researchers, vendors and officials. The program faced a near-complete lapse in U.S. federal funding in April after MITRE warned of discontinued support, and funding was restored within hours following widespread outcry from the cybersecurity community. CISA intends to expand community partnerships and improve data-quality standards for vulnerability information shared with the private sector and foreign governments.
Read at Nextgov.com
Unable to calculate read time
Collection
[
|
...
]