OK, a huge thumbs up to Byte Federal for their breach notification letter. They frankly admit where they screwed up and what happened. I wish more notifications were as clear and straightforward as this one.
https://databreaches.net/2024/12/17/a-positive-example-of-forthright-breach-disclosure/
#databreach #transparency #disclosure #IncidentManagement #IncidentReporting #infosec
Timely, accurate incident reporting is now essential under the SEC Cyber Disclosure Rule.
Learn how to align your cyber strategy with regulatory demands:β¬οΈ
Review β CSB Updates Accidental Release Reporting Data β 10-24-24 β 28 new chemical incidents reported to CSB since July β Short version β https://tinyurl.com/bcns3y5f #ChemicalIncident #CSB #IncidentReporting
Review β New CISA Voluntary Cyber Incident Reporting Initiative β Short version β https://tinyurl.com/38kh5syx #IncidentReporting #CISA
New CISA Voluntary Cyber Incident Reporting Initiative β https://tinyurl.com/3hj7hzfv #IncidentReporting #CISA
How many different rulesets are going to demand the private sector to report incidents? Wouldn't that money be better spent finding a way to share the reported information with the departments and agencies that need it? In fact, wasn't that the whole rationale for the ISACs?#RulesSuck #cybersecurity #IncidentReporting #ITSecurity #infosec #CanadaNeedsThishttps://www.csoonline.com/article/2092015/understanding-cisas-proposed-cyber-incident-reporting-rules.html
Confused by the wave of new EU cybersecurity regulations impacting the telecom sector?
Can't distinguish the obligations of the NIS2 Directive from those of NIS1? The Cyber Resilience Act (CRA) from the Critical Entity Resilience Act (CER)? And whatever happened to the European Electronic Communications Code (EECC)?
Telecom operators in the EU have to comply with all of these but the NIS2 Directive is the central one now. It ushers in by far the most substantial changes in telco cybersecurity strategy and day to day cybersecurity operations. Read more in this new HardenStance White Paper:
https://www.hardenstance.com/wp-content/uploads/2023/11/Telco-Takeaways-from-the-NIS2-Directive-FINAL.pdf
#nis2directive #incidentreporting #vulnerabilitydisclosure #threatintelligence
CISA Publishes Report on Harmonizing Cyber Incident Reporting β Report to Congress require as part of the CIRCIA legislation that authorized CISAβs reporting regulation - https://tinyurl.com/5feuynju #CISA #IncidentReporting
SEC Eyes Final Rules on Incident Disclosure, Board Expertise
Some of the comments to the ruling are good but to be effective, the regs have to create incentives to improve practices. Some of these will incent orgs to CYA instead.
#cyberregs #accountability #incidentreporting
https://www.databreachtoday.com/sec-eyes-final-rules-on-incident-disclosure-board-expertise-a-21593
Explosions and CSB Chemical Incident Reporting β Explosion of unknown origin killed one and injured 13 in Ohio manufacturing facility β Is this a CSB reportable incident? https://tinyurl.com/36r5bjhh #CSB #IncidentReporting
