American companies are getting hacked, and the Securities and Exchange Commission wants corporate executives to do something about it.
Latest in Cybersecurity: Legislation
One way to combat uncertainty about the real costs of cyber incidents would be a federal disclosure law that establishes uniform reporting requirements for significant breaches of personally identifiable information and threats to critical infrastructure.
A review of the recently introduced 2017 Secure Elections Act.
The next National Defense Authorization Act (the NDAA FY’18) is nearing the finish line. A Conference Report is now available, and so the time has come for a closer look at some of the key provisions of interest to Lawfare readers. My colleague Scott Anderson is going to post a broad overview shortly. For my part, I’d like to walk you through the “Cyberspace-Related Matters” section (sections 1631-1649C).
The U.K’s new Green Paper, takes a stronger stance on internet regulation. The policies outlined, and those anticipated, will change the face of private sector internet operations.
The proposed bill from Sens. Mark Warner, Cory Gardner, Ron Wyden and Steve Daines is a good first step in securing the Internet of Things and U.S. government systems in particular.
The Senate moves to limit the Trump administration's ability to unilaterally roll back sanctions against Russia.
Today a bipartisan group of lawmakers introduced in both the House and Senate a bill that would formalize the Vulnerability Equities Process (VEP) into law.
Bobby Chesney raised a number of issues regarding the Active Defense Certainty Act, and I’m just getting into it now. I think Bobby’s comments are spot on, but I want to amplify some of his concerns.
Some thoughts on Representative Tom Graves's discussion draft of a bill that would create a defense to liability under the Computer Fraud and Abuse Act (CFAA) (18 USC 1030) for “active cyber defense measures."