NIST to stop rating non-priority flaws due to volume increase

SITREP: The National Institute of Standards and Technology (NIST) has announced it will cease rating non-priority vulnerabilities due to an increase in submission volumes. This decision is aimed at managing the growing workload associated with vulnerability assessments. TACTICAL ASSESSMENT: This shift may lead to a backlog in the evaluation of lower-priority flaws, potentially leaving organizations unaware of certain vulnerabilities. Strategically, it could impact the overall cybersecurity posture of entities relying on NIST ratings for risk management. PROJECTED VECTORS: In the near term, organizations may need to seek alternative methods for assessing lower-priority vulnerabilities as NIST adjusts its focus.