Compliance | News, how-tos, features, reviews, and videos
Verizon's $4 million settlement with the US DOJ signals stepped-up action by the Justice Department's Civil Cyber-Fraud initiative.
NIST seeks comments ahead of the 2024 release of CSF 2.0, which aims to appeal to a broader range of organizations while elevating the importance of corporate governance and more fully addressing supply chain security.
The new SEC rules also require registrants to report ransomware payments within 24 hours to report ransomware payments and to submit annual cyber risk management, strategy, and governance reports.
The administration released its much-awaited implementation plan for the National Cybersecurity Strategy, offering a roadmap for how it plans to turn high-level cybersecurity goals into concrete steps.
The Biden administration's cybersecurity initiatives broadly aim to improve cybersecurity resilience, with recent regulations and other actions designed to foster a "defensible, resilient ecosystem."
Comments submitted to CISA regarding its creation of cyber incident and ransom payment reporting requirements underscore how tough it will be for the agency to create a one-size-fits-all framework.
An expanded data breach definition and the telcos’ desire to link notifications to “concrete harm” are among the most controversial aspects of the proposed FCC data breach reporting rules.
An apparent data breach potentially impacting hundreds of millions of users could damage Twitter's finances and operations. EU regulators pose the biggest threat to the Elon Musk-owned company.
Based on the NIST Cybersecurity Framework, the goals could become the baseline standards for cybersecurity negligence and possible future regulatory requirements.
Technical controls update includes revisions surrounding the use of cloud services, multi-factor authentication, and password management. New pricing structure better reflects organisational size and complexity.