Cyber Security: GE Gas Power Named as a CVE Numbering Authority

Greenville  – GE Gas Power (NYSE:GE), today announced that it has been authorized by Cybersecurity and Infrastructure Security Agency (CISA) as a Common Vulnerability and Exposure Numbering Authority (CNA). Joining a selected group of vendors recognized by the CNA Program demonstrates GE’s mature vulnerability management practices and a strong commitment to cybersecurity.

The CNA Program is sponsored by the US Federal Government to identify and catalogue security vulnerabilities in software and hardware components worldwide into a free “dictionary.” By providing trusted public disclosures, the CNA Program helps cyber professionals, end-users, and other stakeholders take timely action to prevent attacks exploiting these vulnerabilities.

As a CNA, GE Gas Power can now assign CVE identification numbers to newly discovered vulnerabilities potentially related to its products and allows GE Gas Power to directly establish new CVEs and streamline the reporting process.

“As a leader building technology for the future of energy, we are committed to increase our focus on cybersecurity as part of a portfolio of technologies to help ensure integrity throughout the product lifecycle” said GE Gas Power’s VP Product Security and Chief Engineer, Rob Garry.  “Receiving this accreditation will help us to communicate information about vulnerabilities with our customers and collaborators timely and in accordance with the CNA program standards and increase their confidence in GE Gas Power’s products.”