Inside Cybersecurity

June 8, 2023

Home Page

Home Page

By Sara Friedman

The Small Business Administration’s Office of Advocacy will get a chance to provide feedback on the upcoming rulemaking to establish the Pentagon’s cyber certification program before it is finalized, according to chief counsel Major Clark, who spoke with Inside Cybersecurity on how SBA is involved in the review process.

By Charlie Mitchell

Leaders of the Cyberspace Solarium Commission and its successor organization identified bolstering critical infrastructure resiliency as an essential piece of unfinished business after many of their recommendations on restructuring government’s approach to cyber were implemented into law, at an event to discuss the work of two high-profile commissions on cyber and artificial intelligence.

By Sara Friedman

The National Institute of Standards and Technology is looking for “action-based” examples that can used to help with implementation of the agency’s update to the cybersecurity framework and offers a sampling for stakeholders to review in a discussion draft released in April for comment.

By Charlie Mitchell

The demand for cyber insurance is still running ahead of supply but price increases are easing, according to a report from Moody’s Investors Service, that also finds ongoing challenges in analyzing the impact of major cyber attacks and heightened regulatory interest by governments across the globe.

By Charlie Mitchell

Four influential financial sector trade groups are jointly urging the Securities and Exchange Commission to significantly overhaul two proposed cybersecurity rules in order to “harmonize and deconflict” cyber requirements on the industry and to address a series of issues to make the rules workable.

By Sara Friedman

The National Institute of Standards and Technology is making a major change to its timeline for updating guidance on the handling of controlled unclassified information, with plans to release the assessment guide that accompanies Special Publication 800-171 for review this fall.

RECENT NEWS

CISA considers next steps for zero trust guidance with work on applications, OT under development
Palo Alto’s Unit 42 reports on network threat trends, finds jump in exploitation of vulnerabilities
FDD’s Montgomery salutes House China panel’s cyber recommendations, urges additional steps
Info-sharing leader sees opportunities for harmonization through stacking requirements
Officials stress interagency cooperation as key to cybersecurity improvements
NIST’s annual report highlights broad scope of cyber work on software, supply chain and emerging challenges
Agencies issue rule prohibiting TikTok on government and contractor devices

MORE NEWS ›

Working Remotely?

If you are unable to access this service in the usual way because you are working remotely, let us know and we’ll provide you with temporary access credentials. Contact us at access@iwpnews.com.

Topics

Biden's Executive Order
CISA sets June ‘SBOM-a-Rama’ event to provide updates, gather input on next steps for community-led initiatives
Neuberger tasks telecom security panel with developing recommendations on impact of incentives to buy down risk
NSTAC stakeholders weigh in on upcoming labeling program for Internet of Things devices
NIST seeks collaborators for supply chain project focused on secure software development
Incident Reporting Law
House Energy and Commerce approves electric sector incident reporting bill amid concerns over duplication
NIST issues guidelines for creating federal vulnerability disclosure program required by law
Private equity group warns ‘short-fuse’ notification requirement could overwhelm SEC with breach reports
Banking group urges SEC to harmonize cyber proposals, an issue flagged by Commissioner Peirce
SEC CYBER RULES
SEC’s Peirce says commission strays into corporate management, rather than oversight, in proposed cyber rule
SEC commissioner Lizárraga stresses need for cyber expertise on corporate boards
Nonprofit-led ransomware task force reviews progress on key recommendations with two-year anniversary update
Cyber ratings leader: Corporate boards need common lexicon to understand business impacts
FTC Cyber Rules
Hunton law firm group details considerations for FTC proposal on ‘commercial surveillance’
California AG pushes FTC for ambitious approach to regulating ‘commercial surveillance,’ emphasizes health data
U.S. Chamber of Commerce takes aim at FTC ‘commercial surveillance’ proposal, says agency exceeds authority
Commerce agency says FTC ‘commercial surveillance’ proposal helps drive unified approach to privacy
Zero Trust
CISA and partners refresh foundational ransomware guide with updates on cyber performance goals, best practices
The Week Ahead: NIST hosts zero trust conference; House hearings on China, NTIA oversight and more
NIST finalizes updated guidance on mobile device security, addressing deployment, use and disposal
NIST releases draft model for access control using ZTA in ‘cloud native applications in multi-cloud environments’
National Cyber Strategy
Court approves water industry groups’ petition to intervene in lawsuit over EPA cyber regulation
Homeland Security leader Thompson spearheads letter urging Walden nomination for cyber director
Defense Dept. offers fact sheet on cyber strategy, sends classified version to lawmakers
Water utility groups seek to join states’ lawsuit on blocking new EPA cyber requirements
CSF 2.0
Cloud Security Alliance urges NIST to address ‘cloud-specific’ issues in cyber framework update
MITRE draws from Sen. Warner’s white paper in offering cyber recommendations for health sector
Top cyber officials and leading practitioners offered insights at RSA on challenges, state of collaboration
NIST proposes category revisions as part of cybersecurity framework update to address supply chain, vulnerabilities
Supply Chain
Officials, lawmakers underscore cyber risks at Senate hearing on replacing ‘legacy’ IT systems
FCC considers next steps for rip-and-replace amid concerns over deadline to fix funding shortfall
New York financial regulator levels fine over failures on third-party risk management, software issues under state cyber rule
Wireless group proposes aligning licensed spectrum allocation to entities that adopt cyber best practices