Rules coming in April could require publicly traded companies to disclose a breach within four days of deeming it material as well as board member cybersecurity expertise. The SEC in March 2022 proposed a mandate that companies disclose "material" incidents within four business days of discovery.
A U.S. federal court ruling this week is the latest setback for plaintiffs in an 8-year-old proposed class action litigation against health insurer CareFirst BlueCross BlueShield in the aftermath of a 2014 cyberattack that affected more than 1.1 million individuals.
The U.S. Consumer Financial Protection Bureau is mulling over whether to reimburse consumers for online scams and fraud, but this regulatory change could lead to an increase in first-party fraud, cautioned Karen Boyer, senior vice president of financial crimes at M&T Bank.
A top Pentagon technology official on Wednesday emphasized the U.S. Department of Defense's embrace of zero trust. "We've committed to implementing zero trust across the DOD by 2027, which is an ambitious yet critical milestone," Department of Defense CIO John B. Sherman told a Senate panel.
The Food and Drug Administration on Wednesday said that starting immediately, medical device makers must include cybersecurity plans with new product applications. Beginning on Oct. 1, the FDA intends to issue "refuse to accept" determinations for submissions lacking the cyber requirements.
Cisco plans to purchase its second cloud security startup in two months to deliver context, prioritization and remediation recommendations for cloud-native resources. The networking giant said its proposed buy of Lightspin will allow clients to identify and address key cloud security risks.
Lawmakers urged Director Jen Easterly to devise metrics that quantify how effectively the Cybersecurity and Infrastructure Security Agency uses federal money to cut cyber risk. Rep. Dave Joyce wants CISA to more precisely measure the return on taxpayer spending given the agency's rising budget.
Blue Shield of California is notifying more than 63,000 customers that their data was potentially exfiltrated in a compromise involving Fortra's GoAnywhere secure file transfer software and one of the health plan's covered mental health providers for minors.
Recent high-profile breaches resulting from API attacks are "just the tip of the iceberg," said Gartner analyst Dionisio Zumerle. "What we have is a new way of exchanging information which is increasingly popular, and almost no organization has the recipe to secure that new way of communicating."
Silicon Valley Bank's new owner plans to double down on business with venture capital and private equity firms and the portfolio companies they serve. VC and PE-focused business accounts form the largest segment of the combined $143 billion loan portfolio of First Citizens and Silicon Valley Bank.
Cybersecurity startups that for decades turned to Silicon Valley Bank in a pinch will now find themselves working with a 125-year-old, North Carolina-based institution. First Citizens Bank has bought all Silicon Valley Bank deposits and loans from the FDIC, which rescued the bank after its collapse.
The United States sent its top cyber offensive team to NATO ally Albania to help secure the nation's critical infrastructure networks. The Cyber National Mission Force helped find cyberthreats and vulnerabilities on networks likely targeted last year by Iranian threat actors.
From being in the news about its data being hacked to being hailed as one of the big identity initiatives globally, Aadhaar has indeed come a long way. ISMG caught up with Sumnesh Joshi, deputy director general of UIDAI, to discuss the initiatives the authority has taken to change its perception.
In the latest weekly update, ISMG editors discuss how Russia's invasion of Ukraine upended the cybercrime ecosystem, a lawsuit against a U.S. cardiovascular clinic that seeks a long list of security improvements, and the latest endpoint protection technology trends in the Gartner Magic Quadrant.
EMV chip technology has taken a major bite out of credit card fraud at the point of sale, but card-not-present fraud continues to flourish thanks to an age-old technology - the magnetic stripe, says Mark Solomon, international president, International Association of Financial Crimes Investigators.