While the Command’s authority applies only to governmental bodies, its creation signals a shift in how the state organizes its cybersecurity posture. This new law may have practical implications for vendors, contractors and...more
Most businesses in the United States will have to file incident reports—including for ransomware payments—under the Proposed Rule.
The Department of Homeland Security has the authority to issue subpoenas and even penalties...more
4/10/2024
/ Covered Entities ,
Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Homeland Security (DHS) ,
Enforcement Actions ,
New Rules ,
NPRM ,
Popular ,
Proposed Regulation ,
Ransomware ,
Reporting Requirements ,
Risk Management
Under the SEC’s rules, public companies that are subject to reporting requirements must promptly disclose material cybersecurity incidents.
The SEC’s Final Rules require public companies to report a material cybersecurity...more
7/31/2023
/ Compliance ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Final Rules ,
Investors ,
National Security ,
New Rules ,
Public Safety ,
Regulation S-K ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
Under the new law, critical infrastructure owners and operators will be required to report significant cyber incidents to the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA)...more
3/31/2022
/ Critical Infrastructure Sectors ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
FBI ,
FOIA ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Penalties ,
Ransomware ,
Reporting Requirements ,
Transportation Security Administration ,
Virtual Currency
The legislation would require all federal contractors to report potential and actual cybersecurity incidents to the Department of Homeland Security.
The Act would impose a 24-hour reporting requirement on federal...more
7/28/2021
/ Cyber Attacks ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Federal Contractors ,
FOIA ,
General Services Administration (GSA) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Penalties ,
Popular ,
Proposed Legislation ,
Reporting Requirements
The DoD clarifies its expectation for full compliance to protect Controlled Unclassified Information (CUI) residing on Contractor Systems from cyber incidents.
A defense contractor’s updated and current System Security...more
12/21/2017
/ Cloud Computing ,
Controlled Unclassified Information (CUI) ,
Cyber Threats ,
Cybersecurity ,
Data Protection ,
Data Security ,
Defense Contracts ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
NIST ,
Reporting Requirements
On January 22, 2016, the Food and Drug Administration (FDA) issued draft guidance titled “Postmarket Management of Cybersecurity in Medical Devices,” setting forth proposed recommendations for the medical device industry as...more