The DIB Vulnerability Disclosure Program (DIB-VDP), a joint venture between the DoD Cyber Crime Center (DC3), the Defense Counterintelligence and Security Agency (DCSA), and HackerOne, will bring better vulnerability disclosure practices to the DIB.
The Federal Trade Commission (FTC) is proposing new restrictions on the use and disclosure of children’s personal data and wants to make it much harder for companies to exclude children from their services if they can’t monetize their data, the agency announced Wednesday. The proposed overhaul of the Children’s Online Privacy Protection Rule (COPPA) is […]
Dive Brief: Two years after the historic disclosure of a critical zero-day vulnerability in the Apache Log4j library sent organizations racing to contain the damage, nearly 2 in 5 applications are still using vulnerable versions, according to a report released Thursday from Veracode. The report found nearly one-third of applications are running Log4j2 1.2.x, which […]
A Cambridge NHS trust has admitted two historic data breaches, stemming from the accidental disclosure of patient data in Excel spreadsheets in response to Freedom of Information (FOI) requests. Cambridge University Hospitals NHS Foundation Trust CEO, Roland Sinker, revealed the news yesterday, explaining that the first incident occurred in 2021 but had only “recently” come […]
Standards, Regulations & Compliance Official Says Disclosure Rule Includes Exceptions, Extensions for Smaller Companies Chris Riotta (@chrisriotta) • November 16, 2023 The new U.S. SEC reporting rule for material cyber incidents goes into effect Dec. 18 for large public companies. (Image: Shutterstock) The U.S. Securities and Exchange Commission is providing extra time for […]
The newly released Security and Exchange Commission (SEC) cyber incident disclosure rules have been met with mixed reviews. Of particular concern is whether public companies who own and operate industrial control systems and connected IoT infrastructure are prepared to fully define operational risk, and therefore are equipped to fully disclose material business risk from cyber […]