Inside Cybersecurity

March 29, 2024

Home Page

Home Page

By Sara Friedman

The Cybersecurity and Infrastructure Security Agency goes into detail on the triggers for reporting cyber incidents, including “reasonable belief,” and the need for supplemental reports, in a notice of proposed rulemaking posted Wednesday to implement a major incident reporting law.

By Sara Friedman

CISA’s notice of proposed rulemaking marks an important milestone in establishing mandatory cyber incident reporting that allows for two-way information sharing and provides insights back to stakeholders to improve their security, according to senior DHS and CISA officials.

By Jacob Livesay

The Office of the National Cyber Director has kicked off a key piece of the national cyber strategy through a legal symposium held on Wednesday to gather input from academic and think tank stakeholders on how to develop software liability protections.

By Jacob Livesay

The Cybersecurity and Infrastructure Security Agency has published a white paper on how specific members of the software community should approach sharing a Software Bill of Materials, as part of the agency’s community-led efforts to tackle challenges in the software transparency space.

By Jacob Livesay

A new threat report from Google on 2023 exploit trends calls out the People’s Republic of China as the top nation state taking advantage of zero-day vulnerabilities.

By Jacob Livesay

A task force led by the Cloud Security Alliance and MITRE wants to develop better tools for measuring progress on cybersecurity outcomes for cloud environments as part of its work with the federal government and industry, according to a MITRE cyber engineer participating in the public-private partnership.

By Sara Friedman

CISA’s notice of proposed rulemaking for mandatory cyber incident reporting goes into depth on proposed definitions, impacts that would trigger reporting and the applicability of who could be considered a covered entity.

Topics