Strict new cybersecurity regulations for pipeline owners and operators issued after the Colonial Pipeline ransomware attack will transition to a performance-based model that will enhance security and provide the flexibility.
It’s about time, AttackIQ’s Jonathan Reiber said about 24H/72H report deadlines mandated in the new spending bill. As it is, visibility into adversary behavior has been muck.
The SEC is currently considering rules that would require all publicly traded companies to report a significant cyber incident to investors within four business days.
The Department of Transportation is looking to fine Colonial Pipeline nearly $1 million for a series of safety violations in the wake of the May 2021 DarkSide ransomware attack.