As the UK Government has recognized, cyber incidents—such as Jaguar Land Rover, Marks and Spencer, Royal Mail and the British Library—are costing UK businesses billions annually and causing severe disruption. The Government recognizes that cybersecurity is a critical enabler of economic growth (“we cannot have growth without stability”), and that the current laws have “fallen out of date and are insufficient to tackle the cyber threats faced by the UK.” Accordingly the UK Government this week published its long-awaited Cyber … Read the rest
On December 12, 2023, the Department of Justice (“DOJ”) issued guidance related to the process by which companies may request the United States Attorney General authorize delays of cyber incident disclosures, pursuant to a new Securities and Exchange Commission (“SEC”) rule. As a reminder, the SEC rule (which went into effect on Dec. 18, 2023) requires companies to disclose material cyber incidents via Form 8-K within four days of making a materiality determination. Our colleagues previously discussed the SEC rule … Read the rest
BankInfoSecurity.com reported that in a US Senate hearing that “The Government Accountability Office in November reported the DOD had experienced more than 12,000 cyber incidents since 2015, although the annual rate of detected attacks has been declining.” The March 29, 2023 report entitled “Pentagon Doubles Down on Zero Trust” (https://tinyurl.com/yhne56xc) also included these comments from Department of Defense CIO John B. Sherman in testimony before the Senate Armed Forces Committee’s Cybersecurity Subcommittee:
We’ve committed to implementing zero trust across the … Read the rest