Zinger Key Points
- The CVE Program nearly lost funding to help organizations identify and check cybersecurity vulnerabilities.
- A look at cybersecurity stocks and ETFs that investors can include to get exposure to the sector.
- Markets are messy—but the right setups can still deliver triple-digit gains. Join Matt Maley live this Wednesday at 6 PM ET to see how he’s trading it.
The cybersecurity sector may be breathing a sigh of relief after a deal was reached to continue funding for the Common Vulnerabilities and Exposures database, commonly known as the CVE program.
What Happened: The 25-year-old CVE program is used to identify cybersecurity vulnerabilities and has been considered a vital part of the cybersecurity sector.
News spread this week that funding for the CVE program expired on April 16 and a contract with the U.S. Department of Homeland Security had not been renewed. However, in a last-minute turnaround, the program was reinstated, according to a Forbes report.
"The CVE Program is invaluable to cyber community and a priority of CISA. Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services," a CISA (Cybersecurity and Infrastructure Security Agency) spokesperson told Forbes.
The report said the CISA's extension of funding will last 11 months.
A new body, which includes a subset of the CVE Board, will break off and maintain the CVE Program, according to the report.
"The CVE Foundation has been formally established to ensure the long-term viability, stability, and independence of the Common Vulnerabilities and Exposures Program, a critical pillar of the global cybersecurity infrastructure for 25 years," the new CVE governing body said.
Why It's Important: Experts warned that the end of the CVE Program could lead to increased vulnerabilities in the cybersecurity sector.
"Without CVE, defenders are at a massive disadvantage against global cyber threats," CVE Board Member Kent Landfield said. "CVE, as a cornerstone of the global cybersecurity ecosystem, is too important to be vulnerable itself."
If the CVE had not been able to continue its funding, the list of logged vulnerabilities would have ended, and organizations could have been more vulnerable to attacks.
The funding extension eases worries temporarily but leaves questions about the future of the CVE, which comes as cybersecurity attacks have increased and remain a key concern for large companies.
Investors seeking exposure to the cybersecurity sector have several options, including individual stocks and ETFs. These are the largest ETFs covering the sector:
- First Trust Nasdaq Cybersecurity ETF CIBR
- Amplify Cybersecurity ETF HACK
- Global X Cybersecurity ETF BUG
- iShares Cybersecurity And Tech ETF IHAK
In the ETFs, some of the top holdings include CrowdStrike Holdings CRWD, Broadcom Inc AVGO, Cisco Systems CSCO, Check Point Software CHKP and Okta Inc OKTA.
Read Next:
Photo: Shutterstock
Edge Rankings
Price Trend
© 2025 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
