- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Adrianne Appel2024-03-28T20:52:00
Financial businesses and other critical infrastructure entities would have to report significant cybersecurity and ransomware incidents to the federal government under a new rule that will be proposed by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).
CISA is offering organizations a preview of the proposal before it is officially released next Thursday as a notice of proposed rulemaking. CISA, which is responsible for understanding, managing, and reducing risks to critical infrastructure from digital and physical attacks, will seek public comments on the draft rule, according to a press release Wednesday.
Public comment will be open for 60 days following publication in the Federal Register.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
American Water Works Company, which supplies drinking water and wastewater to 14 million customers, disclosed a breach of its computer networks and system due to a cybersecurity incident.
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has created a new online portal for organizations to voluntarily report cybersecurity incidents, including ransomware attacks.
The Environmental Protection Agency is increasing its inspections of public drinking water systems after finding a majority of those reviewed were vulnerable to cyberattacks and related threats.
Breaches of the EU’s GDPR can cost companies substantial sums and huge reputational damage. Now some are warning that the implementation of the EU’s AI Act will be just as far-reaching, and could potentially lead to similar numbers of cases.
Any product that uses AI needs to be safety assessed for its entire lifespan under new rules that went into effect recently across the EU. Experts warned companies using AI to tailor products could be classed as “manufacturers” and face the same duty of care as developed.
When lawmakers slam the U.K.’s chief financial regulator as “incompetent,” it not only opens the doors for others to pile criticism on it, but it sparks a debate about how the organization can be improved–or removed.
