New rules requiring publicly-listed firms to disclose serious cybersecurity incidents within four days have been adopted by the US Securities and Exchange Commission (SEC).
The tough new rules, although undoubtedly well-intentioned, are likely to leave some firms angry that they being “micromanaged” and – it is argued – could even assist attackers.
Read more in my article on the Tripwire State of Security blog.
More Stories
New Windows Malware Locks Computer in Kiosk Mode
Clever: A malware campaign uses the unusual method of locking users in their browser’s kiosk mode to annoy them into...
CrowdStrike Apologizes for IT Outage, Defends Microsoft Kernel Access
Adam Meyers, CrowdStrike VP for counter-adversary operations, appeared before a US congressional committee to answer questions about its July faulty...
Enhancing Cyber Resilience in Manufacturing Organizations
2024 Cyber Resilience Research Unveils Manufacturing Sector Challenges New data illuminates how manufacturing leaders can prioritize resilience. Manufacturing organizations find...
Enhancing Cyber Resilience in Transportation Organizations
2024 Cyber Resilience Research Unveils Transportation Sector Challenges New data illuminates how transportation leaders can prioritize resilience. Transportation organizations find...
Thousands of US Congress Emails Exposed to Takeover
Some 3191 email addresses for congressional staff are available on the dark web Read More
Critical Ivanti Authentication Bypass Bug Exploited in Wild
CISA adds critical Ivanti bug to its Known Exploited Vulnerabilities catalog Read More