The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which President Biden signed into law in March 2022, required CISA to establish the RVWP (see Section 105 [6 U.S.C. 652]).
ALERT
CISA Announces Ransomware Vulnerability Warning Pilot
Release Date
March 13, 2023
Today, CISA is announcing the creation of the Ransomware Vulnerability Warning Pilot (RVWP). Through the RVWP, CISA:
- Proactively identifies information systems—belonging to critical infrastructure entities—that contain vulnerabilities commonly associated with ransomware intrusions.
- Notifies the owners of the affected information systems, which enables the owners to mitigate the vulnerabilities before damaging intrusions occur.
Review the RVWP webpage for details and an FAQ, including information on the authorities and services CISA leverages to enable RVWP notifications.
See also:
RVWP Fact Sheet