The IT Nerd

The non-profit research and development organization MITRE put out a statement saying that their funding which allows them to run the Common Vulnerabilities and Exposures (CVE) program is about to get cut as of TODAY.

Let me get to the point. This is the single dumbest thing that anyone can do as this underpins a huge chunk of vulnerability management, incident response and critical infrastructure protection efforts. In short, we as a whole are screwed from an INFOSEC perspective.

Debbie Gordon, CEO and Founder, Cloud Range had this to say:

“A network is only as secure as the known vulnerabilities that have been patched. Given that our Nation’s Critical Infrastructure is operating under heavy reliance on the CVE repository to discover and resolve reported vulnerabilities, this transition will surely cause major gaps to their level of security. In these times of constant cyber threats, organizations will now need to increase their levels of visibility and awareness, and their defense teams need to have even greater critical thinking and situational awareness to detect and respond to threats.”

Buckle up folks because INFOSEC is about to get really rocky. And I have to admit, I am really, really scared as to what is about to come down the track.

This entry was posted on April 16, 2025 at 9:48 am and is filed under Commentary with tags MITRE. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.