Policy & Regulation: Page 23
-
Senate SolarWinds hearing turns attention to breach notification laws, intel sharing
Amazon Web Services came under fire for declining to attend the hearing as top executives emphasized the need for faster disclosure and industrywide standards.
By David Jones • Feb. 24, 2021 -
Water system hack reveals thousands of organizations vulnerable to Window 7 exposure
Critical infrastructure providers and SMBs continue to operate the outdated Microsoft OS without security updates and patches.
By David Jones • Feb. 19, 2021 -
FDA appoints first medical device cybersecurity chief
University of Michigan professor Kevin Fu will serve a one-year term as acting cyber director at the Center for Devices and Radiological Health. Experts fear the chaos of the pandemic created the perfect storm for hackers to exploit.
By Greg Slabodkin • Feb. 4, 2021 -
Attention to K-12 cybersecurity grows in nearly 100 bills introduced in 2020
With K-12 becoming a top target due to a combo of high-value data available and limited protection, a new report examines legislative trends.
By Roger Riddell • Feb. 1, 2021 -
Tanaonte via Getty Images
GDPR regulators are sinking their teeth into violators. 2020's fines are proof.
The European regulation took about a year before major fines were introduced. Watchdogs are in a grey area of harnessing better privacy standards and having zero tolerance for negligent or intentional violations.
By Samantha Schwartz • Jan. 28, 2021 -
Stock Photo via Getty Images
Privacy investments mitigate security losses, report finds
Spending on data privacy has become a priority amid new concerns about COVID-19 data and remote work environments, a study from Cisco shows.
By David Jones • Jan. 26, 2021 -
Cyber defense panel sees more private sector coordination following SolarWinds
Defense and intelligence experts say federal agencies need to strengthen private sector support, intelligence sharing to prevent the next big nation-state attack.
By David Jones • Jan. 20, 2021 -
Brian Tucker/Cybersecurity Dive
With cyber bureau, State Department brings diplomacy to threat landscape
CISOs and security experts see the federal bureau as a potential bridge to help align the government and private sector as nation-states pose increased threats.
By David Jones • Updated Jan. 11, 2021 -
Democrats control Congress. Will 2021 be the year for federal privacy laws?
Don't hold your breath.
By Samantha Schwartz • Jan. 8, 2021 -
Federal task force says Russia likely actor behind SolarWinds attack
As investigations continue, agencies are working to preserve private-sector trust.
By David Jones , Samantha Schwartz • Jan. 5, 2021 -
Feds require banks to report cyberattacks within 36 hours
The rule, taking effect May 1, requires bank technology vendors to immediately notify customers if an incident disrupted services four hours or more.
By Dan Ennis • Updated Nov. 19, 2021 -
valentinrussanov via Getty Images
Federal agencies warn of heightened cyberthreats against K-12 schools
Cyberattackers are trying to steal data and disrupt remote learning as COVID-19 continues to impact schools, the FBI, CISA and MS-ISAC said.
By David Jones • Dec. 11, 2020 -
Weighing the risks of disclosing a cyber incident
Not telling law enforcement or a regulator is an admission by an organization: We do not consider this cyber incident reportable.
By Samantha Schwartz • Dec. 10, 2020 -
National defense bill is heavy on cyber. What it means for the private sector.
The recommendations are intended to remedy areas of distrust and construct a more resilient cyber infrastructure, regardless of sector.
By Samantha Schwartz • Dec. 7, 2020 -
Brian Tucker/Cybersecurity Dive
IoT cyber bill clears Congress — what's next for industry players?
Long-awaited legislation is seen as a springboard to widespread adoption of standards across the booming connected-devices industry.
By David Jones • Dec. 3, 2020 -
Supreme Court decision on computer fraud law hinges on one word — 'so'
The U.S. Supreme Court held the Computer Fraud and Abuse Act does not cover incidents which individuals with authorized access to a computer system abuse access privileges.
By Samantha Schwartz • Updated June 3, 2021 -
A cyber stakeholder's guide to Van Buren vs. US
The Supreme Court could determine what constitutes the limits of authorized computer access under the Computer Fraud and Abuse Act. Should this issue be left for Congress?
By Samantha Schwartz • Nov. 30, 2020 -
Technologists grapple with privacy, bias as AI inches closer to customers
Industry must contend with the ethical challenges of building AI as the technology expands in physical and digital customer touchpoints.
By Roberto Torres • Nov. 30, 2020 -
Permission granted by Home Depot
Home Depot codifies data reforms in $17.5M breach settlement with states
The home improvement retailer reached a $17.5 million settlement following a multistate investigation into its 2014 hacking.
By David Jones • Nov. 25, 2020 -
Defense industry CISOs prepare for cybersecurity compliance audits
As the deadline looms for long-awaited supply chain security requirements, experts are helping contractors prepare for third-party assessments.
By David Jones • Nov. 23, 2020 -
Carnegie researchers seek urgent action to combat financial cyberthreats
Fintech business development and digital transformation in banking is creating opportunities for malicious actors to attack vulnerable systems.
By David Jones • Nov. 20, 2020 -
Ransom sanctions leave little room for companies desperate to resolve an attack
Victimized organizations are balancing the risk and cost of stalled operations and encrypted data, with federal watchdogs ready to act. Response and recovery is never going to be an easy process.
By Samantha Schwartz • Nov. 20, 2020 -
Trump fires CISA's Krebs in slew of top cyber departures
President Donald Trump fired Christopher Krebs on Tuesday night, a week after top cyber official Bryan Ware left his post, leaving high-level national cybersecurity positions vacant.
By Katie Malone • Nov. 17, 2020 -
Biden faces scrutiny on key appointments and policy priorities on privacy, cybersecurity
Experts say the incoming administration has an array of former Obama administration staff and will face pressure to reform a number of fronts.
By David Jones • Nov. 13, 2020 -
Courtesy of Zoom
Zoom settles with FTC, promises to build robust security program
With Zoom's rapid user growth between December and April, the company allegedly "misled users by touting" end-to-end, 256-bit encryption, when it actually offered "lower level of security," said the FTC.
By Samantha Schwartz • Nov. 10, 2020
Previous
