CISA Proposes Sweeping Cyber Incident Reporting for U.S. Companies

The federal government is one step closer to requiring approximately 315,000 businesses to report cyber incidents and ransomware payments. 

Event Recap: Spring Into Privacy with the NIST Privacy Engineering Program

The NIST Privacy Framework is getting a little "Spring Cleaning." Officials from NIST's Privacy Engineering Program updated participants on updated to the Privacy Framework and other projects at an event last week.

Multiple Organizations Request 30-day Extension on CIRCIA Comments

The Cybersecurity Coalition, U.S. Chamber of Commerce, and 23 other organizations have requested a 30-day extension to the comment period for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) from CISA.

Cybersecurity Coalition Releases EU Policy Roadmap 2024-2029

At CyberNext Brussels, the Cybersecurity Coalition released an EU Policy Roadmap that would help ensure Europe's collective digital resilience.

Ransomware: ‘costly and impactful’ and now a staple national security risk

Two reports released by the U.S. government provide important insights into the state of the ransomware threat stating that it is still costly and impactful and a staple national security risk.

CISA Finalizes Secure Software Development Self-Attestation Form

CISA published a final version of the Secure Software Development Attestation Common Form, which quires software vendors to sign the form, self-attesting that they comply with secure software practices.

Cyberspace Solarium Commission 2.0 with Mark Montgomery (DCP S2 E1)

In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Mark Montgomery, Senior Director and Senior Fellow at the Foundation for the Defense of Democracies.

Detour or Deadlock? Decoding the Suspended UN Cybercrime Treaty Negotiations

After years of negotiating, the United Nations cybercrime treaty is stalled due to large scale disagreements on scope, terminology, and other details that lead to suspension of the Convention and the tentative decision to reconvene another session.

CR2 Briefs WTO on Cybersecurity Components in Trade

The Coalition to Reduce Cyber Risk held a briefing at the World Trade Organization in Geneva, Switzerland focused on forthcoming research around the inclusion of digital trade and cybersecurity components in trade agreements

Is Phishing-Resistant MFA Table Stakes?

A token with a six-digit code was the ultimate in MFA but with the rise of AI and other sophisticated attacks organizations need to look at phishing-resistant authentication.