"The Cybersecurity and Infrastructure Security Agency is exploring more diversified funding mechanisms to help cover the cost of a bedrock vulnerability cataloging program that's been relied upon by the cyber community for years. The Common Vulnerabilities and Exposures Program faced a near complete lapse in funding in April when MITRE, the research giant that funds much of the program's functions, warned of an imminent end to federal backing for the cornerstone cybersecurity project. The lapse was reversed within hours after outcry from the cybersecurity community."
""As a critical public good, the CVE Program's infrastructure and core services require ongoing investment from CISA," the cyber defense agency said in a Wednesday paper outlining strategies for the future of the project. "Many in the community have requested that CISA consider alternative funding sources. As CISA evaluates potential mechanisms for diversified funding, we will update the community.""
CISA is exploring diversified funding mechanisms to cover costs of the Common Vulnerabilities and Exposures (CVE) Program. The CVE Program nearly lost federal funding in April after MITRE warned of an imminent end to federal backing, a lapse that was reversed within hours following industry outcry. The CVE system assigns unique identifiers to publicly known software flaws so researchers, vendors and officials can communicate about the same issues. CISA plans to expand community partnerships, improve data quality standards for vulnerability information shared with private sector and foreign governments, and maintain ongoing investment to preserve CVE infrastructure and core services.
Read at Nextgov.com
Unable to calculate read time
Collection
[
|
...
]