Ransomware Vulnerability Warning Pilot (RVWP)

The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which President Biden signed into law in March 2022, required CISA to establish the RVWP (see Section 105 [6 U.S.C. 652]).


CISA Announces Ransomware Vulnerability Warning Pilot

Release Date
March 13, 2023

Today, CISA is announcing the creation of the Ransomware Vulnerability Warning Pilot (RVWP). Through the RVWP, CISA:

  1. Proactively identifies information systems—belonging to critical infrastructure entities—that contain vulnerabilities commonly associated with ransomware intrusions.
  2. Notifies the owners of the affected information systems, which enables the owners to mitigate the vulnerabilities before damaging intrusions occur.

Review the RVWP webpage for details and an FAQ, including information on the authorities and services CISA leverages to enable RVWP notifications.

See also:

RVWP Fact Sheet

About the author: Dissent

Comments are closed.