SEC requires firms to report cyberattacks within 4 days, but not everyone may like it

July 27, 2023

Read Time:19 Second

New rules requiring publicly-listed firms to disclose serious cybersecurity incidents within four days have been adopted by the US Securities and Exchange Commission (SEC).

The tough new rules, although undoubtedly well-intentioned, are likely to leave some firms angry that they being “micromanaged” and – it is argued – could even assist attackers.

Read more in my article on the Tripwire State of Security blog.

New Windows Malware Locks Computer in Kiosk Mode

Clever: A malware campaign uses the unusual method of locking users in their browser’s kiosk mode to annoy them into...

September 25, 2024

CrowdStrike Apologizes for IT Outage, Defends Microsoft Kernel Access

Adam Meyers, CrowdStrike VP for counter-adversary operations, appeared before a US congressional committee to answer questions about its July faulty...

September 25, 2024

Enhancing Cyber Resilience in Manufacturing Organizations

2024 Cyber Resilience Research Unveils Manufacturing Sector Challenges New data illuminates how manufacturing leaders can prioritize resilience. Manufacturing organizations find...

September 25, 2024

Enhancing Cyber Resilience in Transportation Organizations

2024 Cyber Resilience Research Unveils Transportation Sector Challenges New data illuminates how transportation leaders can prioritize resilience. Transportation organizations find...

September 25, 2024