Integrated Control Technology (ICT) has announced that it has been authorized by the Common Vulnerabilities and Exposures (CVE) Program as a CVE Numbering Authority (CNA), becoming the second New Zealand organization to be accepted into the program.
The mission of the CVE program is to identify, define and catalog publicly disclosed cybersecurity vulnerabilities.
ICT says this aligns with its own commitment to provide customers with the tools and the resources needed to harden systems against the latest cybersecurity threats.
Vulnerabilities that are discovered are assigned and published to the CVE List.
CVE Records published in the catalog enable program stakeholders to discover and correlate vulnerability information used to protect systems against attacks.
“At ICT we’re dedicated to providing our customers with the information needed to protect against the latest cybersecurity threats, ensuring their systems are always kept up to date,” said Daniel Tolcher, IT & Cybersecurity Manager, ICT.
ICT joins 358 leading organizations from 40 countries that have been accepted into this program.
Sponsored by the Cybersecurity and Infrastructure Security Agency of the US Department of Homeland Security, CVE is considered the gold standard for publishing vulnerabilities.
ICT takes on this responsibility alongside major tech brands, Microsoft, Google, Amazon, IBM and others, who are authorized to assign CVE IDs to vulnerabilities affecting product within its scope.
“The global average cost of a data breach in 2023 was $4.45 million, a 15% increase over three years,” Tolcher said.
“The international, community-based effort of the CVE Program is dedicated to supporting the efforts of the Information technology and cybersecurity professionals who address these vulnerabilities and ICT is proud to be welcomed.”