Wednesday , November 13 2024

New rules to Reveal Cyber Attacks Within 4 Days

Securities and Exchange Commission (SEC) of United States has recently given its approval to groundbreaking regulations. These regulations oblige publicly traded companies to promptly disclose any significant cyberattacks within a maximum of four days of detection. This marks a significant departure from the previous method of disclosing computer breaches.

“Whether a company loses a factory in a fire — or millions of files in a cybersecurity incident — it may be material to investors,” SEC chair Gary Gensler said. Public companies now offer cybersecurity disclosure to investors in great numbers. Making this disclosure in a consistent, comparable, and decision-useful manner would greatly benefit both companies and investors.

CISA Warns of 3 Critical Vulnerabilities in Industrial Control Systems

On November 7, 2024, CISA released advisories about 3 critical security issues, vulnerabilities, and exploits related to Industrial Control Systems...
Read More
CISA Warns of 3 Critical Vulnerabilities in Industrial Control Systems

Cyberattack Disrupts Israel’s Gas and Payment Systems

A cyberattack on an Israeli clearing company on Sunday left some people unable to use their credit cards for shopping...
Read More
Cyberattack Disrupts Israel’s Gas and Payment Systems

Russia blocks thousands websites using Cloudflare’s privacy service

Russia's media censor, Roskomnadzor, has blocked thousands of local websites using Cloudflare's encryption feature that enhances online privacy and security....
Read More
Russia blocks thousands websites using Cloudflare’s privacy service

Hacker to sale Indian Gov.t email credentials

Advertisement for selling the credentials of allegedly belonging to Indian government emails surfaced on the dark web marketplace. A hacker...
Read More
Hacker to sale Indian Gov.t email credentials

Cyberattacks increase 105% in third quarter of 2024 in Bangladesh

Bangladesh faced a 105% rise in cyber incidents from the second to the third quarter of 2024, making it one...
Read More
Cyberattacks increase 105% in third quarter of 2024 in Bangladesh

Developers alert: Malicious ‘fabrice’ Package Steals AWS Credentials

The Socket Research Team has discovered a malicious package named "fabrice," pretending to be the legitimate fabric SSH automation library....
Read More
Developers alert: Malicious ‘fabrice’ Package Steals AWS Credentials

CISA alerts active exploitation of Palo Alto networks vuln

CISA has added a patched critical security flaw in Palo Alto Networks Expedition to its Known Exploited Vulnerabilities catalog due...
Read More
CISA alerts active exploitation of Palo Alto networks vuln

Critical bug in Cisco UWRB access points to run commands as root

Cisco has fixed a critical vulnerability, CVE-2024-20418, that allowed unauthenticated remote attackers to gain root access on Ultra-Reliable Wireless Backhaul...
Read More
Critical bug in Cisco UWRB access points to run commands as root

“ToxicPanda” banking trojan from Asia hit Europe and LATAM

In late October 2024, Cleafy’s Threat Intelligence team noticed a surge in a new Android malware known as TgToxic. However,...
Read More
“ToxicPanda” banking trojan from Asia hit Europe and LATAM

(CVE–2023-46747)
Hacker exploit Critical F5 BIG -IP Vulnerability in Bangladesh: CIRT report

Cyber Threat Intelligence Unit of BGD e-GOV CIRT found evidence of compromise linked to the vulnerability in F5 BIG-IP systems...
Read More
(CVE–2023-46747)  Hacker exploit Critical F5 BIG -IP Vulnerability in Bangladesh: CIRT report

In order to achieve this goal, the new requirements oblige companies to disclose not only the nature, scope, and timing of the iPlease simplify the text below, while retaining its main idea.

“Please provide a detailed report not only describing the incident, but also explaining its impact.” Disclosure may be delayed by up to 60 days if it is determined that providing specific information would endanger national security or public safety.

Registrants must provide an annual description of the methods and strategies used to assess, identify, and manage material risks from cybersecurity threats. They must also report on the material effects or risks resulting from these events, and provide information on ongoing or completed remediation efforts.

“The key word here is ‘material’ and being able to determine what that actually means,” Safe Security CEO Saket Modi told The Hacker News. “Most organizations are not prepared to comply with the SEC guidelines as they cannot determine materiality, which is core to shareholder protection. They lack the systems to quantify risk at broad and granular levels.”

The rules do not cover specific technical information about the registrant’s planned response to the incident, their cybersecurity systems, related networks and devices, or potential system vulnerabilities that could hinder their response or fixing of the incident.

Proposed in March 2022, this policy aims to enhance transparency regarding the threats that American companies encounter from cybercrime and nation-state actors. Its objectives include closing gaps in cybersecurity defense and disclosure practices, as well as strengthening systems against data theft and intrusions.

Kroll reports that Cl0p, a ransomware gang, has been on a cyber attack rampage, targeting over 500 companies. These attacks have been possible due to the gang’s exploitation of critical vulnerabilities in commonly used enterprise software. Furthermore, Kroll reveals that the threat actors have adopted innovative data exfiltration techniques, successfully stealing valuable information.

According to Amit Yoran, Tenable’s CEO and Chairman, the recently implemented regulations regarding cyber risk management and incident disclosure are not just accurate, but also represent a significant leap towards achieving enhanced transparency and accountability.

Yoran stressed the need to inform investors about an organization’s efforts in managing cyber risks. This is crucial because cyber breaches can have serious consequences and damage the organization’s reputation.

However, some people have expressed concerns about the tight timeframe, as it could potentially lead to inaccurate disclosures. This is because companies may need several weeks or even months to thoroughly investigate a breach. Furthermore, issuing breach notifications prematurely can potentially alert other malicious individuals to a vulnerable target and intensify security threats.

James McQuiggan, security awareness advocate at KnowBe4, acknowledged that the new SEC requirement of reporting cyber attacks or incidents within four days may appear aggressive at first glance. However, he pointed out that compared to other countries, this timeframe is actually more lenient.

“Within the E.U., the U.K., Canada, South Africa, and Australia, companies have 72 hours to report a cyber incident. In other countries like China and Singapore, it’s 24 hours. India has to report the breach within six hours.”

“Organizations should have clear and documented incident response plans that include communication plans, procedures, and requirements for involving relevant personnel,” explained McQuiggan.

Check Also

CISA

CISA Launches Its First Ever International Strategic Plan

The US Cybersecurity and Infrastructure Security Agency (CISA) has released its first international strategic plan …

Leave a Reply

Your email address will not be published. Required fields are marked *