Policy & Regulation


  • Image attribution tooltip
    Luke Sharrett via Getty Images

    TSA rolls out rail cyber requirements, targeting prevention and rapid response

    The directives, with immediate implementation expected, are primarily for higher-risk freight railroads, passenger rail, and rail transit, DHS said. 

    By Dec. 3, 2021
  • Image attribution tooltip
    DKosig via Getty Images

    Insurer Lloyd's slashes coverage on state-sponsored cyberattacks, reflecting battered market

    The limits for state-sponsored attack coverage comes at a time when nation-state activity and ransomware linked to foreign threat actors is surging.

    By Dec. 3, 2021
  • Image attribution tooltip
    Dan Kitwood via Getty Images

    Crypto becoming the preferred currency of cybercriminals and rogue governments

    Authorities are turning the tables on cybercriminals by tracing the steps of illicit transactions and making it more difficult for ransomware operators to evade detection.

    By Nov. 24, 2021
  • Image attribution tooltip
    Chip Somodevilla / Staff via Getty Images

    Recovering ransom payments could become routine for law enforcement

    Backed by blockchain analysts and crypto-tracers, law enforcement agencies want to become more proficient in seizing ransomware-related funds.

    By Nov. 23, 2021
  • Image attribution tooltip
    Dan Kitwood/Getty Images News via Getty Images

    Companies urged to alert federal law enforcement in ransomware cases

    A key official with the U.S. Secret Service says companies need to work with law enforcement agencies, who can help make critical decisions in disrupting illicit transactions.

    By Nov. 17, 2021
  • Image attribution tooltip
    Getty via Getty Images

    FBI justifies its decision to withhold Kaseya decryptor

    The law enforcement agency prioritized the long-term benefits of a delay over the immediate decryption key release.

    By Nov. 17, 2021
  • Image attribution tooltip
    Jon Cherry via Getty Images

    K-12's decade-old cyber guidance needs updating, watchdog says

    With K-12 considered critical infrastructure, the Government Accountability Office is calling for more guidance on the federal government's role in protecting schools. 

    By Roger Riddell • Nov. 15, 2021
  • Image attribution tooltip
    Michael M. Santiago via Getty Images

    Banks outpace other industries in cyber investments, defense strategies: report

    The banking industry is actively investing in cyber defense and employing sound corporate governance practices to combat threats, Moody's found.

    By Nov. 15, 2021
  • Image attribution tooltip
    Leon Neal via Getty Images

    US backs Paris-led effort on cybersecurity cooperation

    After sitting on the sidelines for three years, the U.S. is joining an international effort to create stability and order in cyberspace.

    By Nov. 11, 2021
  • Image attribution tooltip
    Chip Somodevilla via Getty Images

    DOJ unveils charges, money seizures in multinational crackdown against REvil

    The Justice, Treasury and State departments led an international effort to crack down on ransomware, money laundering and illicit trading of cryptocurrency connected to the gang linked to the Kaseya attack.

    By Nov. 9, 2021
  • Image attribution tooltip
    Mark Makela/Getty Images via Getty Images

    State Department to add cyber bureau, tackle tech diplomacy

    The additions could help streamline coordination and eliminate the simultaneous — and sometimes redundant — efforts of global partners. 

    By Nov. 9, 2021
  • Image attribution tooltip
    Sarah Silbiger via Getty Images

    $1.2 trillion infrastructure bill passes House, tying cyber to physical investments

    The bill, which awaits President Joe Biden's signature, invests $2 billion in cybersecurity and formalizes the national cyber director's budget. 

    By Nov. 8, 2021
  • Image attribution tooltip
    Getty Images / Staff via Getty Images

    Pentagon revamps CMMC program to help SMBs meet compliance standards

    Critics have decried the cybersecurity program as far too expensive and complex for thousands of defense contractors struggling to shield data from nation states. 

    By Nov. 5, 2021
  • Image attribution tooltip
    "SEC" by SEC is licensed under CC BY 2.0

    SEC to 'dig deeper' in cybersecurity enforcement

    The commission's guidance from 2018 foreshadowed many recent cybersecurity enforcement actions by the agency's Cyber Unit.

    By Jim Tyson • Nov. 5, 2021
  • Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images

    CISA wants to identify the most vulnerable critical infrastructure

    The agency is basing its analysis on economic and network centrality, as well as "logical dominance in the national critical functions," Director Jen Easterly said.

    By Nov. 1, 2021
  • Image attribution tooltip

    Chris Krebs, former CISA director and founding partner of Krebs Stamos Group, speaking with Gartner Distinguished VP Analyst Neil MacDonald during the virtual Gartner IT Symposium/Xpo Wednesday. Retrieved from Gartner IT Symposium/Xpo on Oct. 20, 2021

    Government can demand stronger product security, Krebs said. It could help private sector, too

    The federal government can use the power of the purse to leverage security improvements, which could benefit businesses at large, according to former CISA Director Chris Krebs.

    By Oct. 22, 2021
  • Image attribution tooltip
    "SEC" by SEC is licensed under CC BY 2.0

    Cyberattacks spur demand for cyber insurance: Moody's

    "This is a critical area that we're challenged with," Securities and Exchange Commission Chair Gary Gensler said, describing the agency’s sharper focus on cyber risk.

    By Jim Tyson • Oct. 22, 2021
  • Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images

    Federal agencies warn of ransomware targeting water, wastewater treatment plants

    Months after the attack on a Florida water treatment plant, the FBI, CISA and other agencies are concerned about a new round of threats to vulnerable municipal sites.

    By Oct. 18, 2021
  • Image attribution tooltip
    Dan Kitwood/Getty Images News via Getty Images

    2021 ransomware bitcoin activity eclipses last year, Treasury finds

    The number of suspicious activity report transactions is already up 30% over 2020 numbers and the agency has tracked billions of dollars in outgoing bitcoin payments potentially linked to ransomware.

    By Oct. 18, 2021
  • Image attribution tooltip
    Chip Somodevilla / Staff via Getty Images

    Ransomware summit takeaways: Pledges to disrupt safe havens, money laundering

    The State Department is in talks with Russia, however, some U.S. experts warn the Biden administration needs to take more forceful action out in the open. 

    By Oct. 15, 2021
  • Image attribution tooltip
    Sean Gallup via Getty Images

    Biden administration seeks international progress on ransomware fight

    Russia, China and North Korea were left out of the virtual summit, while officials from 30 nations look to combat ransomware and illegal crypto transactions.

    By Oct. 14, 2021
  • Image attribution tooltip
    Chip Somodevilla / Staff via Getty Images

    White House tackles endpoint security in federal agencies, tees up CISA

    Agencies should have "enterprise-level visibility" across bureaus and sub-agencies, a Friday memo said.

    By Oct. 13, 2021
  • Image attribution tooltip
    Anna Moneymaker via Getty Images

    DOJ cracks down on ransomware with cyber task force, civil fraud initiative

    Federal authorities will target illegal crypto trading platforms and pursue federal contractors that fail to report breaches.

    By Oct. 7, 2021
  • Ransomware attacks put availability of medical devices at risk: FDA cyber chief

    Industry reached a "watershed moment" earlier this year when a device outage caused by malware endangered patient lives, said the acting director of cybersecurity at CDRH. 

    By Greg Slabodkin • Oct. 4, 2021
  • Image attribution tooltip
    Stefan Zaklin / Stringer / via Getty Images via Getty Images

    How CISA's head wants to reform federal cybersecurity

    Without a federal incident reporting law, CISA and the private sector lack efficient information-sharing capabilites, Director Jen Easterly said.

    By Sept. 23, 2021