The European Union, through ENISA, is moving to bolster and diversify support for the Common Vulnerabilities and Exposures (CVE) program after a contracting scare involving MITRE exposed reliance on a single U.S. government contract. Lawmakers and industry experts are pushing for clearer governance, continuity measures, and higher-quality, machine-readable vulnerability records to address political risks and the accelerating pace of AI-driven attacks. #CVE #ENISA
Keypoints
- ENISA has been tasked by EU member states to strengthen and modernize the CVE system.
- A brief contracting scare with MITRE exposed the risks of relying on a single U.S. government contract.
- U.S. lawmakers are drafting legislation to formalize CVE governance and clarify CISAโs responsibilities.
- Experts urge improving record quality and machine-readable data at issuance to keep pace with AI-accelerated attacks.
- MITRE remains the operator and CISA/DHS have implemented measures to stabilize and maintain continuity.
Read More: https://thecyberexpress.com/bedrock-cyber-vulnerability/