Canon EMEA strengthens its vulnerability countermeasures through CNA authorisation

London, UK, 28 September 2023 – Canon EMEA today announces that it has been authorised by the CVE programme as a CVE Numbering Authority (CNA).

This will empower Canon EMEA to index and publish cybersecurity vulnerability information relating to Canon products developed in EMEA, by Canon and its affiliate software companies in EMEA, by assigning an internationally recognised CVE (Common Vulnerabilities and Exposures) ID.

CVE is an international, community-based initiative aimed at discovering vulnerabilities, which are then assigned and published to the global CVE list by CVE Numbering Authorities (CNAs). Information technology and cybersecurity professionals use the CVE record to ensure they are discussing the same issue, and to coordinate their efforts to prioritise and address the vulnerabilities.

Canon EMEA, now a CNA, can assign and publish CVE IDs for Canon EMEA product and service vulnerabilities, speeding up the process of them being identified and judged, and prompting quicker resolutions to EMEA security-related issues.

This news follows the launch of Canon’s global PSIRT (Product Security Incident Response Team) site, for reporting product vulnerabilities in Canon’s consumer and B2B products, directly to Canon’s cybersecurity team. Together, this means Canon can be more responsive in the EMEA region to make quicker resolutions to security-related issues.

“Canon EMEA’s new CNA status complements our Canon Inc’s CNA role, so we can deliver a faster service to our customers in EMEA,” explains Quentyn Taylor, Senior Director of Information Security at Canon EMEA. “This is the next step we’ve taken to demonstrate the importance we place on product security and our continued commitment to delivering the highest standard of security for both our customers and the wider industry.”

Customers can now view Canon EMEA CVE’s through the EMEA PSIRT website: https://www.canon-europe.com/psirt/