July 12, 2024 at 10:13AM The SEC’s new incident reporting requirements are raising concerns among security professionals and government bodies. Arguments include duplication of existing legislation, challenges in early disclosure of breach information, and the burden on smaller companies. Small organizations can mitigate the impact by familiarizing themselves with major security frameworks and building a … Read more
May 9, 2024 at 08:13PM CISA extends the feedback period for proposed CIRCIA incident reporting by 30 days. Concerns of additional red tape on cybercrime victims arise. CIRCIA law, requiring reporting within specific time frames, is in final stages at CISA. Congress allocated no extra resources for CISA to fulfill its responsibilities. CISA stresses coordinated … Read more
March 28, 2024 at 09:38AM New cyber incident reporting rules for critical infrastructure closer to implementation after President Biden signed CIRCIA into law in March 2022. Organizations must report substantial cyber incidents within 72 hours, including ransom payments within 24 hours. The rule faces pushback from industry due to added compliance strain on resources, according … Read more