March 14, 2022
Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. The rules are part of a broader effort by the Biden administration and Congress to …
November 19, 2021
U.S. banking regulators on Thursday finalized a rule that directs banks to report any major cybersecurity incidents to the government within 36 hours of discovery. Separately, the banking industry said it had successfully completed a massive cross-industry cyber security drill …
October 7, 2021
The Transportation Security Administration will introduce regulations that compel the most important U.S. railroad and airport operators to improve their cybersecurity procedures, Homeland Security Secretary Alejandro Mayorkas said on Wednesday. The upcoming changes will make it mandatory for “higher-risk” rail …
June 7, 2021
More transparency is needed into what kind of cash payments are made after ransomware attacks, a top Democrat said, following a recent spate of cyber-attacks aimed at U.S. companies. Mark Warner, chairman of the Senate Intelligence Committee, spoke days after …
November 8, 2019
Research finds that when one company experiences a cybersecurity breach, other companies in the same field also become less attractive to investors. However, companies that are open about their cybersecurity risk management fare significantly better than peers that don’t disclose …
January 24, 2018
The U.S. Securities and Exchange Commission will review a dispute between Express Scripts Holding Co. and New York State Comptroller Thomas DiNapoli over his effort to force the prescription-benefits manager to increase cyber-risk disclosures. Express Scripts told the SEC last …