Policy & Regulation: Page 22
-
Weighing the risks of disclosing a cyber incident
Not telling law enforcement or a regulator is an admission by an organization: We do not consider this cyber incident reportable.
By Samantha Schwartz • Dec. 10, 2020 -
National defense bill is heavy on cyber. What it means for the private sector.
The recommendations are intended to remedy areas of distrust and construct a more resilient cyber infrastructure, regardless of sector.
By Samantha Schwartz • Dec. 7, 2020 -
Brian Tucker/Cybersecurity Dive
IoT cyber bill clears Congress — what's next for industry players?
Long-awaited legislation is seen as a springboard to widespread adoption of standards across the booming connected-devices industry.
By David Jones • Dec. 3, 2020 -
Supreme Court decision on computer fraud law hinges on one word — 'so'
The U.S. Supreme Court held the Computer Fraud and Abuse Act does not cover incidents which individuals with authorized access to a computer system abuse access privileges.
By Samantha Schwartz • Updated June 3, 2021 -
A cyber stakeholder's guide to Van Buren vs. US
The Supreme Court could determine what constitutes the limits of authorized computer access under the Computer Fraud and Abuse Act. Should this issue be left for Congress?
By Samantha Schwartz • Nov. 30, 2020 -
Technologists grapple with privacy, bias as AI inches closer to customers
Industry must contend with the ethical challenges of building AI as the technology expands in physical and digital customer touchpoints.
By Roberto Torres • Nov. 30, 2020 -
Permission granted by Home Depot
Home Depot codifies data reforms in $17.5M breach settlement with states
The home improvement retailer reached a $17.5 million settlement following a multistate investigation into its 2014 hacking.
By David Jones • Nov. 25, 2020 -
Defense industry CISOs prepare for cybersecurity compliance audits
As the deadline looms for long-awaited supply chain security requirements, experts are helping contractors prepare for third-party assessments.
By David Jones • Nov. 23, 2020 -
Carnegie researchers seek urgent action to combat financial cyberthreats
Fintech business development and digital transformation in banking is creating opportunities for malicious actors to attack vulnerable systems.
By David Jones • Nov. 20, 2020 -
Ransom sanctions leave little room for companies desperate to resolve an attack
Victimized organizations are balancing the risk and cost of stalled operations and encrypted data, with federal watchdogs ready to act. Response and recovery is never going to be an easy process.
By Samantha Schwartz • Nov. 20, 2020 -
Getty Images
Trump fires CISA's Krebs in slew of top cyber departures
President Donald Trump fired Christopher Krebs on Tuesday night, a week after top cyber official Bryan Ware left his post, leaving high-level national cybersecurity positions vacant.
By Katie Malone • Nov. 17, 2020 -
Biden faces scrutiny on key appointments and policy priorities on privacy, cybersecurity
Experts say the incoming administration has an array of former Obama administration staff and will face pressure to reform a number of fronts.
By David Jones • Nov. 13, 2020 -
Courtesy of Zoom
Zoom settles with FTC, promises to build robust security program
With Zoom's rapid user growth between December and April, the company allegedly "misled users by touting" end-to-end, 256-bit encryption, when it actually offered "lower level of security," said the FTC.
By Samantha Schwartz • Nov. 10, 2020 -
What will a Biden presidency mean for business tech and cyber?
As the White House leadership changes, tech and cyber policies taking root are likely to focus on more R&D and federal oversight.
By Katie Malone • Nov. 6, 2020 -
No major cyber incidents reported on Election Day — but the security challenge is just beginning
Senior CISA officials confirmed throughout the day that the U.S. did not face any major cyber activity yesterday but cautioned post-Election Day is when the action really begins.
By Katie Malone • Nov. 4, 2020 -
"State Capitol Building, USA, California, Sacramento" [Photograph]. Retrieved from Pixy.
California voters approve 'CCPA 2.0' ballot proposition
Proposition 24 says that if companies don't need certain details about consumers to run their business or provide services then they don't need to collect the information at all.
By Samantha Schwartz • Updated Nov. 4, 2020 -
Retrieved from Marriott on December 03, 2018
Marriott finds financial reprieve in reduced GDPR penalty
The U.K.'s Information Commissioner's Office also reduced British Airways' fine, citing economic impact of COVID-19 as a factor.
By Samantha Schwartz • Nov. 2, 2020 -
Photography by Gage Skidmore / Photo Illustration by Kendall Davis / Industry Dive
Trump, Biden want strong cyber but differ on offense vs. defense
The presidential nominees understand the urgency around cyber efforts but are split on national data protection.
By Katie Malone • Oct. 29, 2020 -
US sanctions against Russia institute with malware ties only scratch at recourse
The malware, launched against a Saudi Arabia-based oil refinery in 2017, also scanned and probed at least 20 electric facilities in the U.S. in 2019.
By Samantha Schwartz • Oct. 26, 2020 -
Gartner's 3 stages to a mature privacy program
With a patchwork of international privacy laws to consider, there isn't a one-size-fits-all privacy framework. But companies can focus on data management systems to remain compliant.
By Samantha Schwartz • Oct. 21, 2020 -
Treasury threatens fines for ransomware payments
The math problem organizations were solving for — does recovery cost less than the ransom — must now factor in an unknown quantity: fines.
By Samantha Schwartz • Oct. 2, 2020 -
Commission amends cyber recommendations to reflect COVID-19 vulnerabilities
Four new recommendations are divided between two sections specific to the pandemic: cybersecurity challenges and lessons in cyber preparedness.
By Samantha Schwartz • June 2, 2020
Previous
To find more content, use the "Topics" in the menu above.
