Hackers won't pass: CISA reports on the success of the Exploited Vulnerability Catalog initiative

Carding 4 Carders

More than 100 US federal agencies can see current threats in real time. Isn't this a victory in the field of information security?

According to a senior Congressional official, the Exploited Vulnerability Catalog (KEV), which is managed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), has an impressive positive impact on the security of federal civilian agencies.

The Exploited Vulnerability Catalog, which has been in existence for more than two years, is the main source of data in the United States on current threats that are actively used by hackers around the world. CISA requires federal civil agencies to resolve any vulnerability in this catalog within three weeks.

This week, during a House hearing, CISA's Executive Assistant Director for Cybersecurity, Eric Goldstein, provided statistics demonstrating the success of the catalog. "For the first time, we have information about vulnerabilities and misconfigurations that is relevant to 102 different agencies in real time. This allows us to eliminate them in a timely manner even before real intrusions occur," Goldstein said.

"CISA's efforts allow federal agencies to prevent attackers from accessing federal networks and reduce the risk of compromise due to Internet-accessible vulnerabilities that are often used to compromise public and private organizations," the executive assistant director added.

Goldstein also said that in this calendar year alone, federal civil agencies eliminated more than 7 million detected KEVs. At the same time, the number of vulnerabilities that were not fixed within 45 days decreased by 72% over the past year.

"We maintain the KEV catalog as an authoritative source of information about exploitable vulnerabilities and send clear messages to organizations about the priority of fixing them," the executive assistant director explained.

In addition to ongoing efforts to protect agencies, Goldstein highlighted a number of future CISA initiatives aimed at improving the threat platform and information sharing.

In conclusion, the expert answered a question about the consequences of a possible termination of funding for the US government. "A significant reduction in our budget would be disastrous. We would not be able to support even basic functions, and our opponents would certainly use these gaps," Goldstein said, making clear that it would be better for the government not to cut the CISA budget, so as not to lose the agency as a counter to possible cyber attacks.
 