March 29, 2024
Home Page
Home Page
The Cybersecurity and Infrastructure Security Agency goes into detail on the triggers for reporting cyber incidents, including “reasonable belief,” and the need for supplemental reports, in a notice of proposed rulemaking posted Wednesday to implement a major incident reporting law.
CISA’s notice of proposed rulemaking marks an important milestone in establishing mandatory cyber incident reporting that allows for two-way information sharing and provides insights back to stakeholders to improve their security, according to senior DHS and CISA officials.
The Office of the National Cyber Director has kicked off a key piece of the national cyber strategy through a legal symposium held on Wednesday to gather input from academic and think tank stakeholders on how to develop software liability protections.
The Cybersecurity and Infrastructure Security Agency has published a white paper on how specific members of the software community should approach sharing a Software Bill of Materials, as part of the agency’s community-led efforts to tackle challenges in the software transparency space.
A new threat report from Google on 2023 exploit trends calls out the People’s Republic of China as the top nation state taking advantage of zero-day vulnerabilities.
A task force led by the Cloud Security Alliance and MITRE wants to develop better tools for measuring progress on cybersecurity outcomes for cloud environments as part of its work with the federal government and industry, according to a MITRE cyber engineer participating in the public-private partnership.
CISA’s notice of proposed rulemaking for mandatory cyber incident reporting goes into depth on proposed definitions, impacts that would trigger reporting and the applicability of who could be considered a covered entity.