Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include. For CISOs and their teams, that means compliance is a time-consuming, high-stakes process that demands strong organizational and communication skills on top […]
Dive Brief: Cybersecurity requirements and questions for vendors should be included in utilities’ procurement processes, state regulators and the U.S. Department of Energy recommended Thursday in a set of “cybersecurity baselines” aimed at improving the security of distribution systems and distributed energy resources. The National Association of Regulatory Utility Commissioners and DOE’s Office of Cybersecurity, Energy […]
The Securities and Exchange Commission introduced new requirements for disclosing material cybersecurity incidents on Sept. 5, placing pressure on organizations to adopt robust reporting mechanisms. The C-suite impact is clear: company leadership must be able to quickly determine whether an incident is material to business operations. A four-business-day clock at that point starts ticking, a […]