
As a software engineer who uses CISA as one of my sources for evolving cybersecurity threats to keep the rest of my company updated, this is not ideal. CISA will be slower to respond to time-sensitive threats and support large enterprises (if needed - no clue how that works in practice, since large enterprises usually pull in a private incident response company if something serious happens).
The CVE program, which assigns identifiers so that people can communicate easily about vulnerabilities, is run by a contractor, so fortunately, that’s not going to be affected. But the Known Exploited Vulnerabilities (KEV) catalog is managed by CISA, and that may be slower to update. Because CISA almost let the funding lapse for the CVE program last year, more organizations have come together to make their own solutions that provide similar resources to CISA for the private sector…
…They still can’t replace an agency with the backing, resources, and authority of the federal government, but it does help make sure we’re not entirely in the dark during gov shutdowns. The EU has their own programs too now, because people realized the entire world was effectively reliant on one US gov-funded program.