Technophile NewsTechnophile News
  • Home
  • News
  • PC
  • Phones
  • Android
  • Gadgets
  • Games
  • Guides
  • Accessories
  • Reviews
  • Spotlight
  • More
    • Artificial Intelligence
    • Web Stories
    • Press Release
What's On

The 255 Best Prime Day Deals on Stuff We’ve Tested and Love

10 July 2025

Gemini Rolls Out to Wear OS Smartwatches With Support for Natural Language Commands

10 July 2025

OpenAI Reportedly Working On an AI-Powered Web Browser, to Compete With Google Chrome

10 July 2025

Apple Reportedly Working on Sealed-Device Update System for MacBook Units at Apple Stores

10 July 2025

Tecno Pova 7 5G, Pova 7 Pro 5G With Dimensity 7300 Ultimate SoC Sale in India Starts Today: Price, Offers

10 July 2025
Facebook X (Twitter) Instagram
  • Privacy
  • Terms
  • Advertise
  • Contact Us
Thursday, July 10
Facebook X (Twitter) Instagram YouTube
Technophile NewsTechnophile News
Demo
  • Home
  • News
  • PC
  • Phones
  • Android
  • Gadgets
  • Games
  • Guides
  • Accessories
  • Reviews
  • Spotlight
  • More
    • Artificial Intelligence
    • Web Stories
    • Press Release
Technophile NewsTechnophile News
Home » ‘Stupid and Dangerous’: CISA Funding Chaos Threatens Essential Cybersecurity Program
News

‘Stupid and Dangerous’: CISA Funding Chaos Threatens Essential Cybersecurity Program

By News Room16 April 20254 Mins Read
Facebook Twitter Pinterest LinkedIn Telegram Tumblr Reddit WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Email

In an eleventh-hour scramble before a key contract was set to expire on Tuesday night, the United States Cybersecurity and Infrastructure Security Agency renewed its funding for the longtime software-vulnerability-tracking project known as the Common Vulnerabilities and Exposures Program. Managed by the nonprofit research-and-development group MITRE, the CVE Program is a linchpin of global cybersecurity—providing critical data and services for digital defense and research.

The CVE Program is governed by a board that sets an agenda and priorities for MITRE to carry out using CISA’s funding. A CISA spokesperson said on Wednesday that the contract with MITRE is being extended for 11 months. “The CVE Program is invaluable to the cyber community and a priority of CISA,” they said in a statement. “Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services. We appreciate our partners’ and stakeholders’ patience.”

MITRE’s vice president and director of the Center for Securing the Homeland, Yosry Barsoum, said in a statement on Wednesday that “CISA identified incremental funding to keep the Programs operational.” With the clock ticking down before this decision came out, though, some members of the CVE Program’s board announced a plan to transition the project into a new nonprofit entity called the CVE Foundation.

“Since its inception, the CVE Program has operated as a US government-funded initiative, with oversight and management provided under contract. While this structure has supported the program’s growth, it has also raised long-standing concerns among members of the CVE Board about the sustainability and neutrality of a globally relied-upon resource being tied to a single government sponsor,” the Foundation wrote in a statement. “This concern has become urgent following an April 15, 2025, letter from MITRE notifying the CVE Board that the US government does not intend to renew its contract for managing the program. While we had hoped this day would not come, we have been preparing for this possibility.”

It is unclear who from the current CVE board is affiliated with the new initiative other than Kent Landfield, a longtime cybersecurity industry member who was quoted in the CVE Foundation statement. The CVE Foundation did not immediately return a request for comment.

CISA did not respond to questions from WIRED about why the fate of the CVE Program contract had been in question and whether it was related to recent budget cuts sweeping the federal government as mandated by the Trump administration.

Researchers and cybersecurity professionals were relieved on Wednesday that the CVE Program hadn’t suddenly ceased to exist as the result of unprecedented instability in US federal funding. And many observers expressed cautious optimism that the incident could ultimately make the CVE Program more resilient if it transitions to be an independent entity that isn’t reliant on funding from any one government or other single source.

“The CVE Program is critical, and it’s in everyone’s interest that it succeed,” says Patrick Garrity, a security researcher at VulnCheck. “Nearly every organization and every security tool is dependent on this information, and it’s not just the US. It’s consumed globally. So it’s really, really important that it continues to be a community-provided service, and we need to figure out what to do about this, because losing it would be a risk to everyone.”

Federal procurement records indicate that it costs in the tens of millions of dollars per contract to run the CVE Program. But in the scheme of the losses that can occur from a single cyberattack exploiting unpatched software vulnerabilities, experts tell WIRED, the operational costs seem negligible versus the benefit to US defense alone.

Despite CISA’s last-minute funding, the future of the CVE Program is still unclear for the long term. As one source, who requested anonymity because they are a federal contractor, put it: “It’s all so stupid and dangerous.”

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related News

The 255 Best Prime Day Deals on Stuff We’ve Tested and Love

10 July 2025

This Sony Soundbar System Sounds Like a Theater and It’s Cheaper Than Ever for Prime Day

10 July 2025

McDonald’s AI Hiring Bot Exposed Millions of Applicants’ Data to Hackers Who Tried the Password ‘123456’

10 July 2025

Elon Musk Unveils Grok 4 Amid Controversy Over Chatbot’s Antisemitic Posts

10 July 2025

Musk makes grand promises during Grok 4 live demo, ignores Nazi scandal

10 July 2025

Our Favorite TV for Most People Is at Its Lowest Price Ever on Prime Day

10 July 2025
Top Articles

Huawei Nova 14 Ultra – Price in India, Specifications (21st May 2025)

20 May 2025125 Views

iQOO Neo 10 Pro+ Confirmed to Debut This Month, Pre-Reservations Begin

8 May 202589 Views

Redmi K80 Ultra Design, Colours, and Key Features Revealed; to Get MediaTek Dimensity 9400+ SoC

18 June 202580 Views
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Don't Miss

This Sony Soundbar System Sounds Like a Theater and It’s Cheaper Than Ever for Prime Day

10 July 2025

Sony’s soundbar lineup for 2025 zigged while most other brands zagged, and the result was…

Apple Vision Pro Successor to Reportedly Launch in 2025 With M4 Chip, Better Components for AI

10 July 2025

Samsung Galaxy S25 FE Design Appears on WPC Database; May Support Qi2 Wireless Charging

10 July 2025

McDonald’s AI Hiring Bot Exposed Millions of Applicants’ Data to Hackers Who Tried the Password ‘123456’

10 July 2025
Technophile News
Facebook X (Twitter) Instagram Pinterest YouTube Dribbble
  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact Us
© 2025 Technophile News. All Rights Reserved.

Type above and press Enter to search. Press Esc to cancel.