Industry trade groups still have ‘concerns’ with cyber reporting mandate

21 organizations representing critical infrastructure interest groups ask Jen Easterly to have CISA go back to the drawing board.

The post Industry trade groups still have ‘concerns’ with cyber reporting mandate appeared first on CyberScoop.

Continue reading Industry trade groups still have ‘concerns’ with cyber reporting mandate

Cost of a data breach: The industrial sector

Industrial organizations recently received a report card on their performance regarding data breach costs. And there’s plenty of room for improvement. According to the 2024 IBM Cost of a Data Breach (CODB) report, the average total cost of a data breach in the industrial sector was $5.56 million. This reflects an 18% increase for the […]

The post Cost of a data breach: The industrial sector appeared first on Security Intelligence.

Continue reading Cost of a data breach: The industrial sector

CIRCIA feedback update: Critical infrastructure providers weigh in on NPRM

In 2022, the Cyber Incident for Reporting Critical Infrastructure Act (CIRCIA) went into effect. According to Secretary of Homeland Security Alejandro N. Mayorkas, “CIRCIA enhances our ability to spot trends, render assistance to victims of cyber incidents and quickly share information with other potential victims, driving cyber risk reduction across all critical infrastructure sectors.” While […]

The post CIRCIA feedback update: Critical infrastructure providers weigh in on NPRM appeared first on Security Intelligence.

Continue reading CIRCIA feedback update: Critical infrastructure providers weigh in on NPRM

How CIRCIA is changing crisis communication

Read the previous article in this series, PR vs cybersecurity teams: Handling disagreements in a crisis. When the Colonial Pipeline attack happened a few years ago, widespread panic and long lines at the gas pump were the result — partly due to a lack of reliable information. The attack raised the alarm about serious threats to […]

The post How CIRCIA is changing crisis communication appeared first on Security Intelligence.

Continue reading How CIRCIA is changing crisis communication

PR vs cybersecurity teams: Handling disagreements in a crisis

Check out our first two articles in this series, Cybersecurity crisis communication: What to do and Crisis communication: What NOT to do. When a cyber incident happens inside an organization, everyone in the company has a stake in how to approach remediation. The problem is that not everyone agrees on how to handle the public […]

The post PR vs cybersecurity teams: Handling disagreements in a crisis appeared first on Security Intelligence.

Continue reading PR vs cybersecurity teams: Handling disagreements in a crisis

Biden’s cybersecurity legacy: ‘a big shift’ to private sector responsibility

Over the course of his term, Joe Biden has presided over an ambitious agenda on regulation and more, to both praise and criticism.

The post Biden’s cybersecurity legacy: ‘a big shift’ to private sector responsibility appeared first on CyberScoop.

Continue reading Biden’s cybersecurity legacy: ‘a big shift’ to private sector responsibility

Banking, oil and IT industry reps call on Congress to harmonize cyber regulations … again

Industry representatives in a House hearing pointed to the Biden administration’s cyber reporting mandate as an example of overlapping regulations.

The post Banking, oil and IT industry reps call on Congress to harmonize cyber regulations … again appeared first on CyberScoop.

Continue reading Banking, oil and IT industry reps call on Congress to harmonize cyber regulations … again

Critical infrastructure organizations want CISA to dial back cyber reporting

Public comments from industry on the cyber agency’s draft proposal call for clearer terms and hard limits on what information can be collected.

The post Critical infrastructure organizations want CISA to dial back cyber reporting appeared first on CyberScoop.

Continue reading Critical infrastructure organizations want CISA to dial back cyber reporting

Important details about CIRCIA ransomware reporting

In March 2022, the Biden Administration signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). This landmark legislation tasks the Cybersecurity and Infrastructure Security Agency (CISA) to develop and implement regulations requiring covered entities to report covered cyber incidents and ransomware payments. The CIRCIA incident reports are meant to enable […]

The post Important details about CIRCIA ransomware reporting appeared first on Security Intelligence.

Continue reading Important details about CIRCIA ransomware reporting

Departing top CISA official reflects on nearly four years in the cyber hot seat

Eric Goldstein spoke with CyberScoop about where the Cybersecurity and Infrastructure Security Agency has made progress, lessons learned and what’s next.

The post Departing top CISA official reflects on nearly four years in the cyber hot seat appeared first on CyberScoop.

Continue reading Departing top CISA official reflects on nearly four years in the cyber hot seat