February 24, 2022 – Baxter International Inc., has received authorization from the Common Vulnerability and Exposures (CVE®) program to be a CVE Numbering Authority. As a CVE Numbering Authority (CNA), Baxter is responsible for the assignment of CVE identifiers to cyber vulnerabilities for Baxter and Hillrom commercially available products, and for publicly disclosing information about the vulnerabilities in the associated CVE Record. The CVE program is sponsored by the Cybersecurity and Infrastructure Security Agency (CISA), which is part of the U.S. Department of Homeland Security and aims to enable the rapid identification and resolution of cybersecurity issues.
Cyberattacks against healthcare organizations have risen 45% since Nov. 1, 2020 as compared to a 22% increase in cyberattacks for other industries during the same time period. Cyberattacks are also increasingly growing in sophistication, intensifying the risk to healthcare systems and patients.
A centralized system and process for cataloging cybersecurity vulnerabilities helps stakeholders like device manufacturers, hospital systems and IT teams to more rapidly discover and correlate information used to protect systems against attacks. Technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities. Using standardized and publicly disclosed CVE records can result in significant time and cost savings.