Global technology leader, Gallagher, has become the first New Zealand organization across all industries to be authorized as a CVE Numbering Authority (CNA). In becoming a CNA, Gallagher demonstrates a level of maturity in cyber security and a commitment to communicating vulnerability information to customers.
Gallagher joins 132 organizations from 22 other countries authorized to assign CVE IDs to vulnerabilities affecting product within their scope. Other CNAs include the likes of Apple, Facebook, Google, Microsoft, and Netflix.
“At Gallagher, we’re dedicated to ensuring our customers have the information they need to keep their systems up to date and protected against cyber threats,” says Steve Bell, Chief Technology Officer. “Becoming the first authorized CNA in New Zealand demonstrates our commitment to delivering solutions with the highest levels of security.”
The CVE program is the international standard for identifying and naming cyber security vulnerabilities and is sponsored by the Cybersecurity and Infrastructure Security Agency of the U.S. Department of Homeland Security. The CVE IDs assigned through the registry enable program stakeholders to rapidly discover and correlate vulnerability information used to protect systems against attacks.
Chris Levendis, CVE Board Member for the MITRE Corporation, said, “Adding Gallagher Group LTD. further expands the CVE program’s reach into New Zealand, and is consistent with the program’s expansion internationally. We applaud Gallagher’s commitment to security and want to warmly welcome them as they join the CVE Program as a CVE Numbering Authority. The CVE Program looks forward to partnering with Gallagher going forward as we collectively maintain our commitment to improving security. Welcome aboard Gallagher!”
Gallagher’s ongoing focus on addressing cyber security threats includes a team dedicated to cyber security research, development, and testing, combined with regular external security testing by specialist penetration testers to ensure quality throughout the whole product development cycle.