Policy & Regulation: Page 24
-
Stock Photo via Getty Images
Threat data sharing considered critical to defense amid rise in sophisticated attacks: report
A Ponemon Institute study shows the value of actionable data as lawmakers and the Biden administration work to encourage intelligence sharing.
By David Jones • March 24, 2021 -
White House looks to tighten private sector coordination, gain infrastructure insight
Following the Microsoft Exchange and SolarWinds attacks, the Biden administration is taking steps to close visibility gaps and encourage rapid intelligence sharing by private sector companies.
By David Jones • March 15, 2021 -
Explore the Trendline➔
Nattakorn Maneerat via Getty Images
-
Google Cloud enters cyber insurance collaboration with Allianz, Munich Re
The agreement comes amid increased financial pressure on the cyber insurance industry due to a rise in ransomware and the historic nation-state attack against SolarWinds.
By David Jones • March 2, 2021 -
SolarWinds missed early security warnings
Lawmakers scrutinized SolarWinds' security practices, including its use of "solarwinds123" as a password, a lapse blamed on a former intern.
By David Jones • March 1, 2021 -
Senate SolarWinds hearing turns attention to breach notification laws, intel sharing
Amazon Web Services came under fire for declining to attend the hearing as top executives emphasized the need for faster disclosure and industrywide standards.
By David Jones • Feb. 24, 2021 -
Water system hack reveals thousands of organizations vulnerable to Window 7 exposure
Critical infrastructure providers and SMBs continue to operate the outdated Microsoft OS without security updates and patches.
By David Jones • Feb. 19, 2021 -
Jacob Bell/Cybersecurity Dive
FDA appoints first medical device cybersecurity chief
University of Michigan professor Kevin Fu will serve a one-year term as acting cyber director at the Center for Devices and Radiological Health. Experts fear the chaos of the pandemic created the perfect storm for hackers to exploit.
By Greg Slabodkin • Feb. 4, 2021 -
Attention to K-12 cybersecurity grows in nearly 100 bills introduced in 2020
With K-12 becoming a top target due to a combo of high-value data available and limited protection, a new report examines legislative trends.
By Roger Riddell • Feb. 1, 2021 -
Tanaonte via Getty Images
GDPR regulators are sinking their teeth into violators. 2020's fines are proof.
The European regulation took about a year before major fines were introduced. Watchdogs are in a grey area of harnessing better privacy standards and having zero tolerance for negligent or intentional violations.
By Samantha Schwartz • Jan. 28, 2021 -
Stock Photo via Getty Images
Privacy investments mitigate security losses, report finds
Spending on data privacy has become a priority amid new concerns about COVID-19 data and remote work environments, a study from Cisco shows.
By David Jones • Jan. 26, 2021 -
Cyber defense panel sees more private sector coordination following SolarWinds
Defense and intelligence experts say federal agencies need to strengthen private sector support, intelligence sharing to prevent the next big nation-state attack.
By David Jones • Jan. 20, 2021 -
Brian Tucker/Cybersecurity Dive
With cyber bureau, State Department brings diplomacy to threat landscape
CISOs and security experts see the federal bureau as a potential bridge to help align the government and private sector as nation-states pose increased threats.
By David Jones • Updated Jan. 11, 2021 -
Democrats control Congress. Will 2021 be the year for federal privacy laws?
Don't hold your breath.
By Samantha Schwartz • Jan. 8, 2021 -
Federal task force says Russia likely actor behind SolarWinds attack
As investigations continue, agencies are working to preserve private-sector trust.
By David Jones , Samantha Schwartz • Jan. 5, 2021 -
Feds require banks to report cyberattacks within 36 hours
The rule, taking effect May 1, requires bank technology vendors to immediately notify customers if an incident disrupted services four hours or more.
By Dan Ennis • Updated Nov. 19, 2021 -
valentinrussanov via Getty Images
Federal agencies warn of heightened cyberthreats against K-12 schools
Cyberattackers are trying to steal data and disrupt remote learning as COVID-19 continues to impact schools, the FBI, CISA and MS-ISAC said.
By David Jones • Dec. 11, 2020 -
Weighing the risks of disclosing a cyber incident
Not telling law enforcement or a regulator is an admission by an organization: We do not consider this cyber incident reportable.
By Samantha Schwartz • Dec. 10, 2020 -
National defense bill is heavy on cyber. What it means for the private sector.
The recommendations are intended to remedy areas of distrust and construct a more resilient cyber infrastructure, regardless of sector.
By Samantha Schwartz • Dec. 7, 2020 -
Brian Tucker/Cybersecurity Dive
IoT cyber bill clears Congress — what's next for industry players?
Long-awaited legislation is seen as a springboard to widespread adoption of standards across the booming connected-devices industry.
By David Jones • Dec. 3, 2020 -
Supreme Court decision on computer fraud law hinges on one word — 'so'
The U.S. Supreme Court held the Computer Fraud and Abuse Act does not cover incidents which individuals with authorized access to a computer system abuse access privileges.
By Samantha Schwartz • Updated June 3, 2021 -
A cyber stakeholder's guide to Van Buren vs. US
The Supreme Court could determine what constitutes the limits of authorized computer access under the Computer Fraud and Abuse Act. Should this issue be left for Congress?
By Samantha Schwartz • Nov. 30, 2020 -
Technologists grapple with privacy, bias as AI inches closer to customers
Industry must contend with the ethical challenges of building AI as the technology expands in physical and digital customer touchpoints.
By Roberto Torres • Nov. 30, 2020 -
Permission granted by Home Depot
Home Depot codifies data reforms in $17.5M breach settlement with states
The home improvement retailer reached a $17.5 million settlement following a multistate investigation into its 2014 hacking.
By David Jones • Nov. 25, 2020 -
Defense industry CISOs prepare for cybersecurity compliance audits
As the deadline looms for long-awaited supply chain security requirements, experts are helping contractors prepare for third-party assessments.
By David Jones • Nov. 23, 2020 -
Carnegie researchers seek urgent action to combat financial cyberthreats
Fintech business development and digital transformation in banking is creating opportunities for malicious actors to attack vulnerable systems.
By David Jones • Nov. 20, 2020
Previous
