OK, a huge thumbs up to Byte Federal for their breach notification letter. They frankly admit where they screwed up and what happened. I wish more notifications were as clear and straightforward as this one.

https://databreaches.net/2024/12/17/a-positive-example-of-forthright-breach-disclosure/

#databreach #transparency #disclosure #IncidentManagement #IncidentReporting #infosec

Timely, accurate incident reporting is now essential under the SEC Cyber Disclosure Rule.

Learn how to align your cyber strategy with regulatory demands:⬇️

https://hubs.la/Q02ZG8sv0

#IncidentReporting #Compliance #SEC #InfoSecurity

Confused by the wave of new EU cybersecurity regulations impacting the telecom sector?

Can't distinguish the obligations of the NIS2 Directive from those of NIS1? The Cyber Resilience Act (CRA) from the Critical Entity Resilience Act (CER)? And whatever happened to the European Electronic Communications Code (EECC)?

Telecom operators in the EU have to comply with all of these but the NIS2 Directive is the central one now. It ushers in by far the most substantial changes in telco cybersecurity strategy and day to day cybersecurity operations. Read more in this new HardenStance White Paper:
https://www.hardenstance.com/wp-content/uploads/2023/11/Telco-Takeaways-from-the-NIS2-Directive-FINAL.pdf

#nis2directive #incidentreporting #vulnerabilitydisclosure #threatintelligence

SEC Eyes Final Rules on Incident Disclosure, Board Expertise

Some of the comments to the ruling are good but to be effective, the regs have to create incentives to improve practices. Some of these will incent orgs to CYA instead.

#cyberregs #accountability #incidentreporting

https://www.databreachtoday.com/sec-eyes-final-rules-on-incident-disclosure-board-expertise-a-21593