House Homeland Security Chairman Bennie Thompson (D-MS) is preparing a “framework” on cyber incident reporting by critical-infrastructure operators, to be circulated in the “coming weeks,” and is exploring both a regulatory requirement as well as incentives for the private sector to voluntarily share more of such information in the near term.
Defense Department acquisition CISO Katie Arrington says her office is working to establish reciprocity with other government standards such as the General Services Administration’s FedRAMP, in an effort to help companies reach compliance with the Cybersecurity Maturity Model Certification program more quickly while still maintaining necessary security requirements.
Groups from the financial, tech, insurance and other sectors this week dissected a proposed rule to require reporting to federal regulators within 36 hours of a cyber incident, offering a real-world examination of an issue that garnered extensive attention during a Senate Intelligence Committee hearing this week.
Reps. Jim Langevin (D-RI) and Michael McCaul (R-TX) say they are encouraged by the Biden administration’s actions to impose consequences on Russian technology companies linked to the SolarWinds hack, a move that they say underscores the importance of legislation on cyber diplomacy coming to the House floor next week.
The Federal Communications Commission’s “CSRIC” advisory council will focus on 5G security issues in its next iteration, as the FCC seeks nominations for members who want to contribute over the next two years to work on risks and mitigation tactics against software and cloud services attacks.