Policy & Regulation: Page 23
-
Win McNamee via Getty Images
Biden gives defense, intel agencies 180 days to apply MFA, encryption
The White House's memorandum builds on past requirements to bolster U.S. cyber standards. This time, the administration is targeting agencies that handle classified intelligence.
By Samantha Schwartz • Jan. 20, 2022 -
Mario Tama via Getty Images
Log4j raises cyber risk for public finance entities, Fitch warns
Local agencies and critical sites face increased operational and financial risk as the vulnerability opens organizations to ransomware or other malicious activity.
By David Jones • Jan. 19, 2022 -
Explore the Trendlineâž”
Getty Images
TrendlineRisk Management
An esclation of cyber risks facing businesses and government has made cyber resilience a major priority.
By Cybersecurity Dive staff -
Chip Somodevilla / Staff via Getty Images
Feds want businesses to report cyberattacks — the agency doesn't matter
The FBI's Bryan Vorndran compared a cyberattack to a house robbery: Law enforcement assists with attack response while CISA is representative of an alarm company tasked with prevention.
By Samantha Schwartz • Jan. 14, 2022 -
Getty Images
FCC seeks stronger breach reporting rules for telecoms
After massive breaches at T-Mobile and other telecoms, the proposed regulations would create faster consumer disclosure and mandate reporting of inadvertent cases.
By David Jones • Jan. 13, 2022 -
Sarah Silbiger via Getty Images
Congressional cyber commission expires but work to continue with 'Solarium 2.0'
Despite the commission's success, unfinished business includes setting up a joint collaborative environment, institutionalizing the Cyber Diplomacy Act, creating a bureau of cyber statistics, and codifying critical infrastructure.
By Samantha Schwartz • Dec. 23, 2021 -
Sarah Silbiger via Getty Images
Long-expected cyber incident reporting rule loses ground once again
The House's recently passed National Defense Authorization Act is set to advance to the Senate. But it omitted a key cyber rule: mandatory incident reporting.
By Samantha Schwartz • Dec. 10, 2021 -
Stefani Reynolds / Stringer via Getty Images
What incident reporting could look like
Legislation could remove some of the complexity of overlapping standards when CISA's roles and authorities become more robust.
By Samantha Schwartz • Dec. 10, 2021 -
Luke Sharrett via Getty Images
TSA rolls out rail cyber requirements, targeting prevention and rapid response
The directives, with immediate implementation expected, are primarily for higher-risk freight railroads, passenger rail, and rail transit, DHS said.
By Samantha Schwartz • Dec. 3, 2021 -
Getty Images
Insurer Lloyd's slashes coverage on state-sponsored cyberattacks, reflecting battered market
The limits for state-sponsored attack coverage comes at a time when nation-state activity and ransomware linked to foreign threat actors is surging.
By David Jones • Dec. 3, 2021 -
Dan Kitwood via Getty Images
Crypto becoming the preferred currency of cybercriminals and rogue governments
Authorities are turning the tables on cybercriminals by tracing the steps of illicit transactions and making it more difficult for ransomware operators to evade detection.
By David Jones • Nov. 24, 2021 -
Chip Somodevilla / Staff via Getty Images
Recovering ransom payments could become routine for law enforcement
Backed by blockchain analysts and crypto-tracers, law enforcement agencies want to become more proficient in seizing ransomware-related funds.
By Samantha Schwartz • Nov. 23, 2021 -
Dan Kitwood/Getty Images News via Getty Images
Companies urged to alert federal law enforcement in ransomware cases
A key official with the U.S. Secret Service says companies need to work with law enforcement agencies, who can help make critical decisions in disrupting illicit transactions.
By David Jones • Nov. 17, 2021 -
Getty Images
FBI justifies its decision to withhold Kaseya decryptor
The law enforcement agency prioritized the long-term benefits of a delay over the immediate decryption key release.
By Samantha Schwartz • Nov. 17, 2021 -
Jon Cherry via Getty Images
K-12's decade-old cyber guidance needs updating, watchdog says
With K-12 considered critical infrastructure, the Government Accountability Office is calling for more guidance on the federal government's role in protecting schools.
By Roger Riddell • Nov. 15, 2021 -
Michael M. Santiago via Getty Images
Banks outpace other industries in cyber investments, defense strategies: report
The banking industry is actively investing in cyber defense and employing sound corporate governance practices to combat threats, Moody's found.
By David Jones • Nov. 15, 2021 -
Leon Neal via Getty Images
US backs Paris-led effort on cybersecurity cooperation
After sitting on the sidelines for three years, the U.S. is joining an international effort to create stability and order in cyberspace.
By David Jones • Nov. 11, 2021 -
Chip Somodevilla via Getty Images
DOJ unveils charges, money seizures in multinational crackdown against REvil
The Justice, Treasury and State departments led an international effort to crack down on ransomware, money laundering and illicit trading of cryptocurrency connected to the gang linked to the Kaseya attack.
By David Jones • Nov. 9, 2021 -
Mark Makela/Getty Images via Getty Images
State Department to add cyber bureau, tackle tech diplomacy
The additions could help streamline coordination and eliminate the simultaneous — and sometimes redundant — efforts of global partners.
By Samantha Schwartz • Nov. 9, 2021 -
Sarah Silbiger via Getty Images
$1.2 trillion infrastructure bill passes House, tying cyber to physical investments
The bill, which awaits President Joe Biden's signature, invests $2 billion in cybersecurity and formalizes the national cyber director's budget.
By Samantha Schwartz • Nov. 8, 2021 -
Getty Images / Staff via Getty Images
Pentagon revamps CMMC program to help SMBs meet compliance standards
Critics have decried the cybersecurity program as far too expensive and complex for thousands of defense contractors struggling to shield data from nation states.
By David Jones • Nov. 5, 2021 -
SEC to 'dig deeper' in cybersecurity enforcement
The commission's guidance from 2018 foreshadowed many recent cybersecurity enforcement actions by the agency's Cyber Unit.
By Jim Tyson • Nov. 5, 2021 -
Getty Images
CISA wants to identify the most vulnerable critical infrastructure
The agency is basing its analysis on economic and network centrality, as well as "logical dominance in the national critical functions," Director Jen Easterly said.
By Samantha Schwartz • Nov. 1, 2021 -
Chris Krebs, former CISA director and founding partner of Krebs Stamos Group, speaking with Gartner Distinguished VP Analyst Neil MacDonald during the virtual Gartner IT Symposium/Xpo Wednesday. Retrieved from Gartner IT Symposium/Xpo on Oct. 20, 2021
Government can demand stronger product security, Krebs said. It could help private sector, too
The federal government can use the power of the purse to leverage security improvements, which could benefit businesses at large, according to former CISA Director Chris Krebs.
By Samantha Schwartz • Oct. 22, 2021 -
Cyberattacks spur demand for cyber insurance: Moody's
"This is a critical area that we're challenged with," Securities and Exchange Commission Chair Gary Gensler said, describing the agency’s sharper focus on cyber risk.
By Jim Tyson • Oct. 22, 2021 -
Getty Images
Federal agencies warn of ransomware targeting water, wastewater treatment plants
Months after the attack on a Florida water treatment plant, the FBI, CISA and other agencies are concerned about a new round of threats to vulnerable municipal sites.
By David Jones • Oct. 18, 2021
Previous
