Gallagher has become the first New Zealand organization to be authorized as a CVE Numbering Authority (CNA) – globally there are only 132 organizations in 22 countries authorized to assign CVE IDs to vulnerabilities affecting product within their scope.
Gallagher said becoming a CNA demonstrates a level of maturity in cyber security and a commitment to communicating vulnerability information to customers. Other CNAs include the likes of Apple, Facebook, Google, Microsoft, and Netflix.
“At Gallagher, we’re dedicated to ensuring our customers have the information they need to keep their systems up to date and protected against cyber threats,” said Steve Bell, chief technology officer. “Becoming the first authorized CNA in New Zealand demonstrates our commitment to delivering solutions with the highest levels of security.”
The CVE program is the international standard for identifying and naming cyber security vulnerabilities and is sponsored by the Cybersecurity and Infrastructure Security Agency of the U.S. Department of Homeland Security. The CVE IDs assigned through the registry enable program stakeholders to rapidly discover and correlate vulnerability information used to protect systems against attacks.
“Adding Gallagher further expands the CVE program’s reach into New Zealand, and is consistent with the program’s expansion internationally,” said Chris Levendis, CVE board member for the MITRE Corporation.
“We applaud Gallagher’s commitment to security and want to warmly welcome them as they join the CVE Program as a CVE Numbering Authority. The CVE Program looks forward to partnering with Gallagher going forward as we collectively maintain our commitment to improving security.”
Gallagher’s ongoing focus on addressing cyber security threats includes a team dedicated to cyber security research, development, and testing, combined with regular external security testing by specialist penetration testers to ensure quality throughout the whole product development cycle.
#sen.news