BankInfoSecurity.com reported that “New cyber incident reporting rules are set to come into effect in the U.S. on May 1. Banks in the country will be required to notify regulators within the first 36 hours after an organization suffers a qualifying “computer-security incident.” The April 29, 2022 report entitled “

Continue Reading Will Banks Be Able to Comply With the New 36 Hour Cyber Notification Deadlines?

Darkreading.com reported that “While cybersecurity experts have been reticent to attribute the attacks to Russia, the links between their targeted and the current Russian invasion of Ukraine have suggested that the nation is the most likely sponsor. While the country might be hesitant to attack critical infrastructure, Russia has not

Continue Reading Beware of Cybersecurity Threats to Critical Infrastructure!

DataBreachToday.com reported that “commonly negotiated issues between healthcare delivery organizations and medical device vendors often involve expectations regarding notification of and patches for newly identified software security vulnerabilities, and those timelines.” The April 18, 2022 article entitled “Medical Devices: Negotiating Cybersecurity Contract Terms” included these comments from Jim

Continue Reading What Are You Doing to Protect Your Medical Devices From Cyberattacks?

BankInfoSecurity.com reported that “Extended Detection and Response vendors face “an existential crisis” as the endpoint becomes less important now that businesses are typically storing their data in the cloud rather than on the endpoint. This has forced EDR providers to build out full-fledged EDR platforms that incorporate different telemetry sources

Continue Reading Extended Detection and Response (EDR or XDR) is Critical to Protect Cloud Data!

Darkreading.com reported that “When President Biden signed the omnibus spending bill Tuesday, he also put the bipartisan Cyber Incident Reporting Act into effect, which requires critical infrastructure companies in the 16 industry sectors identified by the federal government to report to the Cybersecurity and Infrastructure Security Agency (CISA) within 72

Continue Reading CISOs Have Greater Responsibilities Under the New Cyber Incident Reporting Act!

BankInfoSecurity.com reported that “The U.S. Federal Communications Commission’s Public Safety and Homeland Security Bureau voted unanimously to ban Kaspersky Lab, China Telecom (Americas) Corp., and China Mobile International USA Inc., stating the companies posed a national security threat. In addition, the bug bounty platform HackerOne suspended Kaspersky’s access to the

Continue Reading FCC adds Russian and Chinese Companies to High-Risk Cybersecurity Companies!

NIST issued a Request for Information (RFI) “seeking information to assist in evaluating and improving its cybersecurity resources, including the “Framework for Improving Critical Infrastructure Cybersecurity” (the “NIST Cybersecurity Framework,” “CSF” or “Framework”) and a variety of existing and potential standards, guidelines, and other information, including those relating to improving

Continue Reading NIST Is Seeking Public Advice to Help Cybersecurity for the Supply Chain