HomeCyber BalkansRuling by US Supreme Court expected to result in chaos in cyber...

Ruling by US Supreme Court expected to result in chaos in cyber regulation

Published on

spot_img

In 2023, the US Securities and Exchange Commission (SEC) adopted rules mandating registrants to disclose any material cybersecurity incidents within four days of determining their importance. Additionally, companies were required to reveal material information regarding their cybersecurity risk management, strategy, and governance on an annual basis. The regulations were implemented despite the fact that the Securities and Securities Exchange Acts, upon which the SEC based its rules, did not directly mention cybersecurity.

On the FCC front, in 2023, the US Federal Communications Commission (FCC) modified and reinforced its data breach notification rules for communications providers to safeguard against unauthorized use or disclosure of customer data. By issuing updated regulations, the FCC significantly amplified its enforcement authority under the Communications Act, which specifically addressed protections for customer proprietary network information (CPNI) and not the broader spectrum of customer data covered in the Commission’s rules.

Moving on to the US Cybersecurity and Infrastructure Security Agency (CISA), in April 2024, it put forth a proposal to adopt the cyber incident reporting requirements established under the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). The finalization of this rule is not expected until 2025. Throughout the development of this rulemaking, CISA had to interpret CIRCIA in a broader context to effectively implement the reporting requirements.

These regulatory developments mark significant progress in enhancing cybersecurity measures and ensuring the prompt reporting of cyber incidents. By enforcing stricter reporting guidelines and expanding regulatory authority, these agencies aim to improve data protection and bolster cybersecurity resilience in the face of evolving digital threats.

Overall, these regulatory changes signify a shift towards a more proactive approach to cybersecurity governance and risk management. Companies and organizations are now held to higher standards of transparency and accountability when it comes to managing and reporting cybersecurity incidents, reflecting the growing importance of cybersecurity in today’s interconnected digital landscape.

Source link

Latest articles

AI Bug-Finding Tools Require Human Validation

The Role of AI in Offensive Security: Balancing Speed with Human Insight In an evolving...

AWS Billing Bug Shows Trillion-Dollar Cost Estimates to Cloud Customers

Amazon Web Services Faces Major Billing Anomaly in Cost Explorer Tool Amazon Web Services (AWS)...

Scammers Exploit FaceTime for Social Engineering Tactics

Apple Warns Users About Social Engineering Scams Targeting FaceTime Apple Inc. has made a significant...

Hackers Compromise IIS Server and Launch Ransomware Attack Within 24 Hours

--- In June 2026, cybersecurity experts uncovered a coordinated and sophisticated cyber intrusion that began...

More like this

AI Bug-Finding Tools Require Human Validation

The Role of AI in Offensive Security: Balancing Speed with Human Insight In an evolving...

AWS Billing Bug Shows Trillion-Dollar Cost Estimates to Cloud Customers

Amazon Web Services Faces Major Billing Anomaly in Cost Explorer Tool Amazon Web Services (AWS)...

Scammers Exploit FaceTime for Social Engineering Tactics

Apple Warns Users About Social Engineering Scams Targeting FaceTime Apple Inc. has made a significant...