For Limited Use Only: Guidance on National Security Delay Determinations under the SEC Cyber Reporting Rule

On December 12, 2023, the Department of Justice (“DOJ”) issued guidance related to the process by which companies may request the United States Attorney General authorize delays of cyber incident disclosures, pursuant to a new Securities and Exchange Commission (“SEC”) rule. As a reminder, the SEC rule (which went into effect on Dec. 18, 2023) requires companies to disclose material cyber incidents via Form 8-K within four days of making a materiality determination. Our colleagues previously discussed the SEC rule … Read the rest

Are you surprised to learn that the DOD has had more than 12,000 cyber attacks since 2015

BankInfoSecurity.com reported that in a US Senate hearing that “The Government Accountability Office in November reported the DOD had experienced more than 12,000 cyber incidents since 2015, although the annual rate of detected attacks has been declining.” The March 29, 2023 report entitled “Pentagon Doubles Down on Zero Trust” (https://tinyurl.com/yhne56xc) also included these comments from Department of Defense CIO John B. Sherman in testimony before the Senate Armed Forces Committee’s Cybersecurity Subcommittee:

We’ve committed to implementing zero trust across the … Read the rest