Policy & Regulation: Page 18
-
FTC orders Drizly to tighten data security practices as 2.5M consumers exposed
The Uber subsidiary must implement a comprehensive information security program, while the CEO will be held to similar requirements in the future.
By David Jones • Oct. 25, 2022 -
Help wanted for 3.4M jobs: Cyber workforce shortage is an acute, worldwide problem
Research from (ISC)2 shows an ongoing skills gap in the information security space is under greater pressure than before.
By David Jones • Oct. 24, 2022 -
Sponsored by Gartner Peer Insights
Cybersecurity quarterly benchmarks: Q1, 2022
Gartner Peer Insights data and opinions run the gamut on cybersecurity maturity, budgets, and initiatives.
Oct. 24, 2022 -
White House plans IoT security labeling program for spring 2023
Major connected device manufacturers, retailers and industry groups back efforts to boost cyber awareness.
By David Jones • Oct. 21, 2022 -
CISA’s priority sectors for 2023: water, hospitals, K-12
The industries slated for emphasis are “target-rich, resource-poor entities,” CISA Director Jen Easterly said. They’re also heavily targeted by ransomware.
By Matt Kapko • Oct. 21, 2022 -
National cybersecurity strategy to debut within months, White House official says
The Biden administration’s strategy will have extensive collaboration with the private sector, National Cyber Director Chris Inglis says.
By David Jones • Oct. 20, 2022 -
TSA rolls out long-anticipated cyber directive for freight, passenger rail systems
The directive is part of a wider administration effort to build resilience across a series of critical infrastructure sites nationwide.
By David Jones • Oct. 19, 2022 -
Cyber defense is not IT’s job alone, CISA CTO says
While tech executives must provide critical tools and procedures to lower cyber risk, the whole organization is responsible for fending off attackers.
By Roberto Torres • Oct. 19, 2022 -
Uber ex-CSO verdict raises thorny issues of cyber governance and transparency
The former chief security officer of the ride-sharing firm is seen by many as a scapegoat for an unsupervised and unaccountable corporate culture.
By David Jones • Oct. 19, 2022 -
White House to raise cyber standards for healthcare, water and emergency communications
CISA will also roll out minimum security standards by late October that can apply to organizations across sectors.
By Naomi Eide • Oct. 14, 2022 -
White House to roll out Energy Star-like ratings for IoT
The labeling plan is part of a long-sought effort to boost security and transparency in commonly used technology products.
By David Jones • Oct. 12, 2022 -
Cybersecurity needs a statewide approach, report finds
Research from Deloitte and state CIOs shows cities often hesitate to work with states on cybersecurity to protect their autonomy, but local government cyber grants could change that.
By Michael Brady • Oct. 10, 2022 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA orders federal IT overhaul with automated asset inventory, software scanning
Civilian agencies will be required to check for vulnerabilities in a push to gain better visibility into IT networks.
By David Jones • Oct. 4, 2022 -
Strict security rules could push open source community out of federal work, expert says
Agency CISOs and development experts say federal agencies need to work collaboratively with open source community contributors.
By David Jones • Sept. 27, 2022 -
Opinion
6 things businesses need to know about the changing privacy landscape
New bills are proposed every day, and while only a few will become official policy, there may be important trends that impact businesses.
By Ryan P. Blaney • Sept. 26, 2022 -
How common telecom cyber risks snowball in cloud, open source
Public cloud plays a central role in the modernization of wireless networks. But more open source software, vendors and vulnerabilities could spell trouble.
By Matt Kapko • Sept. 23, 2022 -
Morgan Stanley fined $35M by SEC over improper data disposal
The bank hired a company with no data-destruction experience to decommission hard drives and servers, which were sold to a third party and auctioned with some unencrypted customer data intact, the regulator found.
By Gabrielle Saulsbery • Sept. 21, 2022 -
Capital One freed from consent order tied to 2019 breach
The Office of the Comptroller of the Currency determined the bank had reached a level of “safety and soundness” no longer requiring extra oversight regarding a leak of 106 million customers’ data.
By Gabrielle Saulsbery • Sept. 20, 2022 -
White House guidance on third-party software seen as a major test of cyber risk strategy
The U.S. hopes that by forcing software producers to meet a set of minimum security standards for federal use, a new baseline strategy will be adopted industrywide.
By David Jones • Sept. 19, 2022 -
Industrial control systems face more cyber risks than IT, expert testifies
Most ICS technology was designed more than 20 years ago and built without cyber resilience, Idaho National Laboratory's Vergle Gipson said.
By David Jones • Sept. 16, 2022 -
CISA can’t definitively say if ransomware is getting better or worse
Organizations can be unwilling to notify government officials when ransomware intrusions occur, but that simple act might prevent the next attack.
By Matt Kapko • Sept. 15, 2022 -
White House sets minimum security standards for federal software use
The Office of Management and Budget is requiring agencies to get a self-attestation from software producers showing compliance with NIST guidance.
By David Jones • Sept. 14, 2022 -
US is shoring up gaps in cyber policy, but critical goals remain unfulfilled
Legislators say the Cyberspace Solarium Commission led to significant national security enhancements, but analysts are calling for urgent momentum on a federal law on data privacy and security.
By David Jones • Sept. 13, 2022 -
US Treasury sanctions Iran intelligence agency following Albanian government attack
The Treasury Department said Iran has engaged in malicious cyber activity against government and private sector organizations, including critical infrastructure targets, since at least 2007.
By David Jones • Sept. 12, 2022 -
CISA announces RFI for critical infrastructure cyber reporting mandate
The agency plans to publish the information request in the Federal Register on Monday and will kick off a national listening tour.
By David Jones • Sept. 9, 2022