Tag Archive for: Rule

Top US Cyber Agency Pushing Toward First Hack Reporting Rule

/in


A new US notification requirement for victims of malicious hacks could push in-house counsel to disclose cyberattacks when faced with ransomware and other network compromises.

Among the first-ever cyber regulations to be enforced by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the top US cyber authority, the proposed rules would require companies in 16 critical infrastructure sectors—including healthcare, energy, and finance—to report security incidents within three days and ransomware payments in 24 hours.

CISA’s proposed rule is part of a US effort to shore up defenses against the increasingly disruptive attacks of cyber criminals and nation-backed hacking groups, while simultaneously streamlining overlapping and inconsistent breach-notification reporting requirements across sectors. The rule would nudge companies toward new hiring and staff retraining, and push general counsel toward more active cybersecurity responsibilities.

The Biden administration set December 2025 as the deadline for the final rule, which was mandated in the Cyber Incident Reporting for Critical Infrastructure Act of 2022.

“One glaring challenge has been our cyber incident reporting system, which has recently been revealed as a bureaucratic maze,” said Jackie Singh, a consultant who was a senior cybersecurity staffer in the Biden campaign. “With over 50 disparate reporting channels scattered across numerous government entities, this broken system represents a potential Achilles’ heel. Agility is key to withstand cyber threats in a resilient manner; convoluted reporting structures don’t fit into what we commonly think of as ‘agile.’”

Companies only compound cyber threats when they delay reporting information that could protect other companies or national security, Singh said.

The agency’s new rule is designed to encourage greater visibility into cyber incidents with security implications beyond a single company, so information submitted in the breach reports is guaranteed certain protections.

Chief among those: local, state, and federal governments can’t use the information in the reports to regulate a company providing notice, unless…

Source…

I’m a tech expert – millions risk losing everything by breaking ‘number one security rule’ on iPhone and Android

/in


CYBER experts have revealed why you must never use the same password more than once.

Gadget users risk a dangerous wave of cyber-attacks if they make a simple (and very common) mistake.

It might seem like a handy option, but re-using passwords is extremely dangerousCredit: Unsplash

Often people choose one strong password – and then use it over and over again.

That’s because it’s easy to remember just one password, giving you quick access to all of your accounts and apps.

But it’s extremely dangerous, according to Brad Freeman, director of technology at SenseOn.

“The number one security rule is don’t reuse passwords,” Brad exclusively told The U.S. Sun.

“Many websites will get compromised and reusing the same password could cause a cascading failure as attackers can access multiple services which you have signed up for.

“This could allow an identity thief to build up a rich picture about you to commit fraud against you or your employer.”

If one account is hacked or leaked, crooks can use your password to break into all of your accounts that share the same login.

This means that a small breach somewhere can suddenly cascade into an enormous cyber-attack.

It puts you at serious risk of financial loss and being defrauded.

Hackers could even use a major cyberattack like this to spy on you, or even extort or blackmail you.

Thankfully staying safe is easy: Don’t re-use passwords.

If that seems difficult, it’s best to start using a password manager.

You may already have one: Apple devices like the iPhone offer you iCloud Keychain.

This will automatically generate strong passwords for accounts and then save them for you – refilling the login field when it’s needed.

Google offers a similar password-management feature through its Chrome browser.

And both Apple and Google are trying to push users away from passwords altogether to a new system called Passkeys.

Password-less logins are only just becoming available, and mean you don’t have to risk having a password for an account at all.

Source…

Koko teaser: Sci-fi film predicts cyber warfare, rule of artificial intelligence

/in


Sukumar of Pushpa fame has shared the first glimpse of debutant director Jai Kumar’s sci-fi thriller, Koko. Hailed as India’s ‘authentic sci-fi thriller’, the film revolves around cyber warfare. It asks ‘what if technology overpowers human intellect?” Also read: Adipurush trailer: Prabhas, Kriti Sanon, Saif Ali Khan and the action finally look impressive. Watch

Stills from Koko teaser.

The trailer shows a woman in black, walking out from a fight scene with blood on her hands, holding a pistol. She has an air mask on and throws the pistol before reaching her bike. She throws two tiny robots (instruments) in the air and they travel through the entire scene, passing over fire, guns, blood and even a body of a woman lying on the floor. They also pass over a book with ‘Project Ram Isu’ written on it. As they reach a computer screen which has a timer on, they black themselves when the timer reaches zero. The teaser also has “When east wants to conquer the rest” and “secrets of Indian scriptures come for rescue” written on the screen.

Film trade analyst Taran Adarsh shared on Twitter that the film will go on floors from the third week of June 2023. The shoot will take place in Vietnam, China, Ladakh, Kerala and Hyderabad.

Sharing the impressive trailer, Taran wrote, “Sukumar launches first glimpse of sci-fi thriller Koko… will release in Indian and international languages… Pushpa and Pushpa2 director Sukumar unveils the first glimpse of producer Sandeep Reddy Vasa and director Jai Kumar’s sci-fi thriller Koko.”

Adding that the film will release in multiple Indian and international languages, Taran added, “Koko will release in Telugu, Tamil, Hindi, Malayalam, Kannada, Vietnamese and Taiwanese languages in Summer 2024… In fact, Koko will be the first Indian movie to release directly in Vietnamese and Taiwanese languages.”

According to a report on OTTplay, “a proficient black hat hacker, Nikki, makes use of a…

Source…

Final Rule Places New Cybersecurity Reporting Requirements On Banks – Finance and Banking

/in



United States:

Final Rule Places New Cybersecurity Reporting Requirements On Banks

09 March 2022


Crowe & Dunlevy



To print this article, all you need is to be registered or login on Mondaq.com.

Last month, the Federal Reserve System’s Board of Governors,
the Federal Deposit Insurance Corporation and the Office of the
Comptroller of the Currency approved a final rule that places
reporting requirements on banks and banking service providers.
Under this new rule, banks must report cybersecurity incidents
within 36 hours to federal regulators. In addition, banking service
providers must notify banks as soon as possible after suffering a
computer security incident. This new rule also requires banks to
inform customers of any computer security incident lasting more
than four hours.

This new rule is part of a current trend of requiring critical
infrastructures to report cybersecurity incidents. This rule goes
into effect starting April 1, 2022, and banks are required to be in
compliance by May 1, 2022. While the rule doesn’t go into
effect until next year, there are several ways that banks and
service providers can get prepared.

  1. Determine who will be responsible for reporting the
    incident to the regulators.     Cybersecurity incidents are
    stressful. While the rule provides a more extended deadline than
    the 12-hour reporting requirement for pipelines, 36 hours is still
    a quick turnaround. Taking the time now to identify the person
    responsible will…

Source…