The U.S. Cybersecurity and Infrastructure Security Agency released cyberattack reporting rules for companies that operate critical infrastructure, The Wall Street Journal reports. The regulations require companies to "report significant cyberattacks within 72 hours and report ransom payments within 24 hours."
28 March 2024
CISA releases cyberattack reporting regulations
RELATED STORIES
Controllers, processors and subprocessors in chains
Notes from the IAPP Canada: Recommendations, calls to reform Privacy Act 'a good start'
A view from DC: Marriott and the minimum extent necessary
Retrospective: 2024 in state sectoral privacy law and AI law
Notes from the Asia-Pacific region: India's PM talks global governance for digital technology