Policy & Regulation


  • A skyline shot of a large city, bifurcated by a large river.
    Image attribution tooltip
    Alihan Usullu via Getty Images
    Image attribution tooltip

    UK cyber chief warns country is at an inflection point as digital threats rise

    In his first major speech, NCSC CEO Richard Horne said state linked and criminal threat groups are working to undermine the nation’s reliance on technology. 

    By Dec. 3, 2024
  • SEC regulation securities laws
    Image attribution tooltip
    Hapabapa via Getty Images
    Image attribution tooltip

    SEC reports drop in enforcement actions for 2024 FY

    The securities regulator also reported a record $8.2 billion in monetary remedies for its last fiscal year, driven by Terraform Labs crypto fraud settlement.

    By Justin Bachman • Nov. 26, 2024
  • exterior of the U.S. Department of Health and Human Services
    Image attribution tooltip
    Alex Wong via Getty Images
    Image attribution tooltip

    HHS facing challenges as lead agency for healthcare cybersecurity: GAO

    The department hasn’t implemented some policies recommended by the watchdog, which could pose a risk to cybersecurity in the sector as attacks increase, according to the Government Accountability Office.

    By Emily Olsen • Nov. 20, 2024
  • Image attribution tooltip
    Win McNamee via Getty Images
    Image attribution tooltip

    Federal probe finds vulnerabilities across more than 300 US water systems

    The Environmental Protection Agency lacks a documented plan to coordinate incident reporting with CISA, the agency’s Office of Inspector General found.

    By Nov. 19, 2024
  • CISA Director Jen Easterly speaks at Carnegie Mellon University urging the tech industry to embrace secure-by-design product development.
    Image attribution tooltip
    Permission granted by Carnegie Mellon University
    Image attribution tooltip

    Easterly to step down from CISA director role on Inauguration Day

    CISA confirmed that political appointees of the Biden administration will also depart the agency as the Trump administration takes over.

    By Nov. 18, 2024
  • Two men in chairs on a stage hold microphones in front of a purple background with crowns and a SIPA logo
    Image attribution tooltip
    Permission granted by Office of the National Cyber Director
    Image attribution tooltip

    National cyber director calls for streamlined security regulations

    Harry Coker Jr. assured critical infrastructure and private sector stakeholders that while standards are necessary, there is a need to harmonize burdensome compliance demands. 

    By Nov. 14, 2024
  • U.S. President Joe Biden speaks at the 79th U.N., General Assembly.
    Image attribution tooltip
    Michael Santiago via Getty Images
    Image attribution tooltip

    US hopes to leverage UN cybercrime treaty toward ransomware fight

    The Biden administration decided to back the controversial accord, despite widespread concerns about potential human rights abuses.

    By Nov. 12, 2024
  • Amtrak Coast Starlight Train
    Image attribution tooltip
    Laser1987 via Getty Images
    Image attribution tooltip

    TSA proposes cyber risk management programs for surface transportation, pipeline operators

    The proposed rule would also require the disclosure of cyber incidents to CISA and physical security concerns to TSA.

    By Nov. 7, 2024
  • Donald Trump in business attire stands in a stage with an U.S. flag in the background
    Image attribution tooltip
    Anna Moneymaker/Staff via Getty Images
    Image attribution tooltip

    4 tech issues to watch in Trump’s second term

    AI, cloud and cybersecurity policies are in the spotlight ahead of the forthcoming Trump administration.

    By Roberto Torres • Nov. 7, 2024
  • National Cyber Director Harry Coker Jr. delivers keynote on the national cybersecurity strategy implementation plan on May 22, 2024 at the McCrary Institute at Auburn University in Washington D.C.
    Image attribution tooltip
    Permission granted by McCrary Institute
    Image attribution tooltip

    USDA, White House launch study to boost cyber resilience of rural water utilities

    A yearlong program with the National Rural Water Association will provide technical assistance to water utilities led by Vermont and Oregon officials.

    By Nov. 4, 2024
  • John Pearce of Grant Thornton speaking during a CFO Dive panel
    Image attribution tooltip
    CIO Dive CFO Dive Panel/Cybersecurity Dive
    Image attribution tooltip

    SEC cyber rules could survive regardless of election outcome, experts say

    As the U.S. presidential election looms, cybersecurity remains a bipartisan focus, experts said during a joint CFO Dive and CIO Dive live event.

    By Grace Noto • Nov. 4, 2024
  • A photo illustration of Kamala Harris and Donald Trump shoulder to shoulder facing away from each other. The background is a purple wave with a grid gradient.
    Image attribution tooltip

    Photo illustration: Industry Dive; Joe Readle/Getty Images; Brandon Bell/Getty Images

    Image attribution tooltip

    As presidential election looms, disparate approaches to cyber policy come into focus

    Government officials and security leaders are hoping the nation’s need for cyber resilience will stand on bipartisan cooperation and transcend partisan politics regardless of the election results. 

    By Oct. 31, 2024
  • A man and a woman shake hands in front of a desk that has flags from the U.S. and Ukraine. The people are in front of a blue background with CISA logos.
    Image attribution tooltip
    Retrieved from Jen Easterly/CISA.
    Image attribution tooltip

    CISA rolls out international strategic plan to bolster cyber cooperation

    The agency is looking to strengthen intel sharing with key cyber partners, raise security standards and ensure a more resilient global supply chain. 

    By Oct. 30, 2024
  • People watch the presidential debate during a debate watch party at Penn Social on Sept. 10, 2024, in Washington
    Image attribution tooltip
    Alex Wong / Getty Images News via Getty Images
    Image attribution tooltip

    Cyber task force has a long to-do list for next president

    The change in leadership presents an opportunity to assess what’s working, where adjustments could be made and areas that are in most need of prioritization, the McCrary Institute said.

    By Oct. 29, 2024
  • Street view of the Securities and Exchange Commission, SEC, Building in Washington DC.
    Image attribution tooltip
    qingwa via Getty Images
    Image attribution tooltip

    SEC settles charges with 4 firms it says downplayed SolarWinds hack exposure

    The agency alleged Unisys, Avaya, Check Point Software and Mimecast misled investors about the extent of their respective cyber risks.

    By Oct. 22, 2024
  • The seal of the Federal Communications Commission.
    Image attribution tooltip
    Mark Wilson / Getty Images via Getty Images
    Image attribution tooltip

    FCC expands cooperation with states on data security, privacy enforcement

    More states are working with the agency to investigate possible violations of consumer privacy and data security laws.

    By Oct. 22, 2024
  • Capitol Hill lit up at night
    Image attribution tooltip
    Win McNamee via Getty Images
    Image attribution tooltip

    New legislation aims to tame ‘Wild West’ in healthcare cybersecurity

    The proposed bill, introduced last month by Sens. Ron Wyden and Mark Warner, is a good step forward, but hospitals may need more funds to boost their cybersecurity practices, experts say.

    By Emily Olsen • Oct. 22, 2024
  • Microsoft President and Vice Chair Brad Smith speaks April 12, 2023, at the Semafor World Economy Summit in Washington D.C.
    Image attribution tooltip
    Drew Angerer via Getty Images
    Image attribution tooltip

    Microsoft confirms partial loss of security log data on multiple platforms

    The company previously expanded free access to security logs on several platforms, including Purview, following the 2023 state-linked hack of Exchange Online.

    By Oct. 18, 2024
  • CISA Director Jen Easterly speaks at Carnegie Mellon University urging the tech industry to embrace secure-by-design product development.
    Image attribution tooltip
    Permission granted by Carnegie Mellon University
    Image attribution tooltip

    FBI, CISA seek input on software security, configuration changes

    Authorities are seeking public comment on steps the software industry can take to make their products more resistant to malicious threat activity.

    By Oct. 17, 2024
  • The FBI seal
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    US disables Anonymous Sudan infrastructure linked to DDoS attack spree

    Authorities unsealed charges alleging two Sudanese nationals ran the hacktivist group, linked to major attacks against Microsoft and others.

    By Oct. 17, 2024
  • SEC seal outside Washington D.C. building
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    Majority of global CISOs want to split roles as regulatory burdens grow

    Trellix research shows rising cybersecurity demands from the SEC and other government bodies are pushing CISOs even closer to the edge.

    By Oct. 15, 2024
  • A facade of the White House in Washington, D.C.
    Image attribution tooltip
    Nick van Bree via Getty Images
    Image attribution tooltip

    Cyber risk tops C-suite concerns heading into US election

    A report by PwC shows American business leaders will continue to focus on data regulation, AI and technology investments regardless of which party prevails in November.

    By Oct. 10, 2024
  • Building Exterior with Marriott sign
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    FTC settles yearslong investigation into Marriott’s ‘security failures’

    The settlement caps a pattern of major data breaches at Marriott and its subsidiary Starwood Hotels and Resorts Worldwide over the last decade.

    By Oct. 10, 2024
  • A large commercial building with a green grass lawn is framed through a wire metal fence mesh. National Institutes of Standards and Technology in Gaithersburg, Md., on April 17, 2022.
    Image attribution tooltip
    The image by Jerrye & Roy Klotz, M.D. is licensed under CC BY-SA 4.0
    Image attribution tooltip
    Deep Dive

    CIOs turn to NIST to tackle generative AI’s many risks

    Discover's CIO is one of many tech leaders working to limit generative AI missteps by turning to risk management frameworks to get deployment right from the outset.

    By Lindsey Wilkinson • Oct. 9, 2024
  • The White House in Washington, D.C.
    Image attribution tooltip
    Alex Wong via Getty Images
    Image attribution tooltip

    Counter Ransomware Initiative summit emphasizes arduous effort

    An international collective of cyber officials continued discussions with the White House on how to counter ransomware attacks, reduce payments and increase response capabilities.

    By Oct. 7, 2024