A nonprofit organisation run by board members of MITRE’s Common Vulnerabilities and Exposures Program is exploring new funding models for their widely used software security database. This comes as concerns grow regarding the Cybersecurity and Infrastructure Security Agency’s (CISA) capacity to provide sustainable financial support.
“The reality is that the problem is not solved. We still have one organisation that is funding the entire program when we’ve had other organisations inquire about how they can contribute financially,” stated Kent Landfield, a leader in vulnerability disclosure.
Key Points
- The nonprofit is evaluating alternative funding approaches due to uncertainty around CISA’s long-term support.
- Concerns have been raised about the sustainability of the current funding model, which relies heavily on a single organisation.
- Interest from other organisations wanting to assist financially suggests broader support for vulnerability management resources is necessary.
- Leadership within the nonprofit aims to ensure the continuation of essential security resources amid funding challenges.
Why should I read this?
If you’re in the cybersecurity arena, this article is a must-read! It addresses the critical financial sustainability of a key vulnerability database that many depend on. With changing dynamics in federal support, understanding these shifts helps you stay informed about potential impacts on software security resources. We’ve narrowed down the details for you, saving you the hassle!