Reporting an incident to the correct authorities or vulnerability clearinghouses can be an experience fraught with frustration. You pour time, energy, and resources into fighting an intrusion, all while keeping company officials and stakeholders up to date and preventing sensitive information from getting into the wild. Explaining what happened might seem just like another layer of hard work and exposure to potential embarrassment when the details are out there for all to see.
But legislators have been pushing enterprise executives to share more information about security incidents and they’re creating new requirements in the United States and around the world to mandate the disclosure of such information. Why?
More Stories
WK Kellogg Confirms Data Breach Tied to Cleo Software Exploit
WK Kellogg breach exposed employee data after attackers exploited flaws in Cleo software Read More
Precision-Validated Phishing Elevates Credential Theft Risks
New phishing method targets high-value accounts using real-time email validation Read More
Ransomware Attacks Hit All-Time High as Payoffs Dwindle
While ransomware attack claims are at an all-time high, financial losses from actual attacks may be reducing Read More
How to Leak to a Journalist
Neiman Lab has some good advice on how to leak a story to a journalist. Read More
Three-Quarters of IT Leaders Fear Nation-State AI Cyber Threats
73% of respondents in an Armis survey said they worried about nation-state actors using AI for cyber-attacks Read More
Microsoft Fixes Over 130 CVEs in April Patch Tuesday
Microsoft has issued security updates to fix 130+ vulnerabilities this month, including one zero-day Read More