‘Stupid and Dangerous’: CISA Funding Chaos Threatens Essential Cybersecurity Program
1 min read
Summary
The US Cybersecurity and Infrastructure Security Agency (CISA) has renewed its funding for the Common Vulnerabilities and Exposures (CVE) Program, which identifies and addresses vulnerabilities in software.
The contract with the program’s manager, non-profit research group Mitre, has been extended by 11 months following “an eleventh-hour scramble”.
Cyber researchers had proposed setting up a new non-profit called the CVE Foundation, amid concerns over the neutrality of a single government sponsor.
The CVE Program is seen as vital to maintaining cyber security, with one expert stating: “Losing it would be a risk to everyone.”
It is unclear who would be involved with the new foundation or where funds to continue the program would come from in the future.
