The Cybersecurity and Infrastructure Security Agency (CISA) on Monday said it has created a new pilot program that leverages existing authorities to identify networks with security vulnerabilities commonly associated with ransomware attacks and to notify system owners of those vulnerabilities.
The Ransomware Vulnerability Warning Pilot (RVWP) was authorized in the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) of 2022, which became law in March 2022, and was stood up on Jan. 30.
The goal of the RVWP is to quickly mitigate potential cyber intrusions of vulnerable information systems before there is any damage. CISA uses open-source tools and its own cybersecurity tools to detect vulnerabilities within U.S. critical infrastructure.
Receipt of a notification from CISA on a security vulnerability does not mean a particular critical infrastructure entity’s information system has been compromised, but it does indicate that the system is at risk and needs immediate remediation. However, even if an entity receives an RVWP notification from CISA, it does not have to comply with any of the agency’s recommendations.
CIRCIA requires owners and operators to quickly report major cybersecurity incidents and ransomware payments to CISA.