Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. The rules are part of a broader effort by the Biden administration and Congress to …
U.S. banking regulators on Thursday finalized a rule that directs banks to report any major cybersecurity incidents to the government within 36 hours of discovery. Separately, the banking industry said it had successfully completed a massive cross-industry cyber security drill …
The Transportation Security Administration will introduce regulations that compel the most important U.S. railroad and airport operators to improve their cybersecurity procedures, Homeland Security Secretary Alejandro Mayorkas said on Wednesday. The upcoming changes will make it mandatory for “higher-risk” rail …
More transparency is needed into what kind of cash payments are made after ransomware attacks, a top Democrat said, following a recent spate of cyber-attacks aimed at U.S. companies. Mark Warner, chairman of the Senate Intelligence Committee, spoke days after …
Research finds that when one company experiences a cybersecurity breach, other companies in the same field also become less attractive to investors. However, companies that are open about their cybersecurity risk management fare significantly better than peers that don’t disclose …
The U.S. Securities and Exchange Commission will review a dispute between Express Scripts Holding Co. and New York State Comptroller Thomas DiNapoli over his effort to force the prescription-benefits manager to increase cyber-risk disclosures. Express Scripts told the SEC last …
