Author: rescue@crimefire.in

  • Want data security? Concentrate on cybersecurity training, RangeForce raises $20M – VentureBeat


    Security awareness is an organization’s greatest defense against threat actors.  Yet, research shows that last year, 80% of organizations suffered one or more breaches that they could attribute to a lack of cybersecurity skills and/or awareness. 
    As a result, cybersecurity training is one of the easiest ways that an organization can protect its data from threat actors. That’s why cybersecurity training and upskilling providers like RangeForce, which today announced it has raised $20 million as part of a series B financing round, are receiving growing interest from investors. 
    RangeForce’s solution provides organizations with a cloud-based platform to assess, refine and validate cyber-readiness with content mapped to industry frameworks such as MITRE ATT&CK and D3FEND. Through RangeForce’s platform, security teams can practice containing simulated attacks in a staged environment. 
    More broadly, this funding indicates that security awareness is playing a critical role in helping organizations maintain their data security. After all, employees not only need to have the awareness to spot common threats like phishing emails and social engineering scams, but security teams also need to learn how to remediate breaches ASAP to minimize the damage. 
    Security awareness has grown ever more important over the past few years, as more and more cybercriminals have turned to manipulating employees with phishing emails and social engineering scams to give up information. Research from Verizon shows that 82% of breaches involve the human element. 
    “While the skill shortage plagues cybersecurity, attackers are not letting up. As a result, overloaded cybersecurity teams struggle to build and validate key defensive skills when it matters most: before an attack,” said Taavi Must, CEO and cofounder of RangeForce. 
    Preventing breaches now comes down to focusing on mitigating human risk. “Humans are the weakest link in cybersecurity. By strengthening human defense readiness with RangeForce, organizations reduce their cyber-risk and their human capital spend,” Must said. 
    RangeForce’s approach is focused on enabling employees to develop the hands-on cyberskills they need via simulated breach exercises, so they can identify and respond to social engineering threats and phishing scams. 
    Cybersecurity Ventures estimates that the overall market for security awareness training products and services will be worth $10 billion annually by 2027. 
    One of RangeForce’s main competitors, Immersive Labs, has raised $66 million in funding for a cyberworkforce-resilience platform that provides security teams with cyberevent simulations and cybersecurity labs to measure an organization’s cyber knowledge. 
    Another competitor is Cyberbit, which raised $70 million in funding from Charlesbank in 2020. Cyberbit’s platform enables security teams to undergo cyberattack simulations to identify gaps in their incident response capabilities via a readiness score. 
    Must argues that the key differentiator between RangeForce and other competitors is its continuous cyber-readiness assessment capabilities. 
    “RangeForce is designed to teach learners, providing enough support to snare consistent and continuous improvement,” Must said. “We guide learners through a concept and ensure their comprehension, rather than just assessing their knowledge.”

  • HUB Cyber Security Israel : Request for Class Action Certification – Form 6-K – Marketscreener.com

    Request for Class Action Certification
    On March 6, 2023, a request was sent to HUB Cyber Security Ltd. (the “Company”) for approval of a class action which was filed in the Tel Aviv District Court - the Economic Department against the Company and its officers and directors (“request for approval” and “defendants”, respectively). The subject of the request for approval, according to what is claimed in it, is that over a period of time from March 2022 until February 2023 the Company published immediate reports in Israel to the Israel Securities Authority and the securities exchanges in Israel, that it had received irrevocable investment commitments of $50 million in a PIPE financing (the “PIPE Financing”) that was to be consummated simultaneously with the closing of the Company’s business combination with Mount Rainier Acquisition Corp (“Mount Rainier”).
    The reason for which the request for approval was submitted is an alleged violation of the provisions of Israeli securities laws about disclosure and violations of the duties of care and negligence of the office-holders of the Company in representing to investors that they did indeed have a commitment from investors to complete the PIPE Financing and that the PIPE Financing ultimately failed to fund at the closing of the business combination at the published pro forma value of $1.28 billion.
    The group that the applicant seeks to represent in the request for approval includes all those who purchased shares of the Company from March 23, 2022, the date that the Company announced the proposed business combination with Mount Rainier, through February 23, 2023, the last day of trading of the Company on the Tel Aviv Stock Exchange. The assessment of the claimed damage as part of the approval request is NIS 91.24 million.
    As of the date of this report, the Company is still examining the claim and therefore, at this stage, is unable to assess the chances of the claim being approved as a class action and/or its scope, and if approved, whether it will have a material impact on the Company’s results of operations or financial condition.
    HUB Cyber Security Israel Ltd. published this content on 07 March 2023 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 07 March 2023 21:27:25 UTC.


  • The US launches National Cybersecurity Strategy and other … – World Economic Forum

    The White House has announced a new cybersecurity strategy in the latest effort by the US government to bolster its cyber defences amid a steady increase in hacking and digital crimes targeting the country.
    The strategy, which is intended to guide future policy, urges tighter regulation of existing cybersecurity practices across industries and improved collaboration between the government and private sector.
    It seeks to broadly improve industry accountability over the cybersecurity of American critical infrastructure, such as hospitals and dams.
    The Biden administration has also announced a new plan to improve the digital defences of public water systems.
    The water system plan, which recommends a series of rules placing more responsibility for securing water facilities at state level, follows several high-profile hacking incidents in recent years.
    New Zealand has become the latest nation to limit use of the video-sharing app TikTok on devices with access to the parliamentary network, amid cybersecurity concerns.
    As of 20 March, 10 economies had taken steps to ban the app, including the US and UK, which has banned TikTok on government phones with immediate effect.
    The UK government asked the National Cyber Security Centre to look at the potential vulnerability of government data from social media apps and risks around how sensitive information could be accessed and used.
    The US government’s Committee on Foreign Investment in the United States (CFIUS), a powerful national security body, in 2020 unanimously recommended ByteDance divest TikTok because of fears that user data could be passed on to China’s government.
    In early March, legislators from both major US parties introduced a bill to ban the app in the United States. Congress previously passed a bill in December 2022 to ban TikTok on federal devices.
    TikTok said on 20 March the app now has 150 million monthly active users in the US, up from 100 million in 2020.
    In late February, the European Union’s two biggest policy-making institutions – the European Commission and the EU Council – banned TikTok from staff phones for cybersecurity reasons.
    One of Australia’s top government bureaucrats has demanded Russia crack down on the large number of cybercriminals operating in the country, saying their actions posed a threat to national security. Canberra is currently reforming its cybersecurity policy following a raft of cyberattacks on some of the country’s largest companies.
    The move comes after more Australian firms were targeted with cyberattacks. Actions targeting digital payments and lending firm Latitude Group Holdings bring the total number of attacks to 12 since September 2022.
    The top US markets regulator has proposed a suite of new policies designed to harden the financial system against hacking, data theft and systems failure. The Securities and Exchange Commission’s five members voted at a public meeting to propose rules on protecting consumer financial data, preventing hacking at stock exchanges and broker-dealers, and buttressing the resiliency of market infrastructure.
    China has announced plans for a national data bureau, describing it as part of an effort to coordinate data resources in the country and to achieve a vision of “digital China” conceived by President Xi Jinping. Analysts at Chinese investment bank Citic Securities say areas to watch include data processing and data encryption.
    Experts are warning that cybercriminals and scammers are taking advantage of the urgent need for aid in south-eastern Türkiye and north-western Syria, following the devastating earthquake in February – launching fake online donation platforms and charities to swindle donors out of their money.

    President Joe Biden’s new National Cybersecurity Strategy outlines steps the government is taking to secure cyberspace and build a resilient digital ecosystem that is easier to defend than attack – and that is open and safe for all. Here’s an in-depth look at the plan, including how the World Economic Forum’s cybersecurity efforts support the priorities identified.
    In a fast-evolving digital ecosystem, decision-makers in government, industry, academia and civil society need to anticipate and address tomorrow’s cybersecurity challenges to stay ahead of the curve. We’ve identified seven key insights, tensions, and trade-offs that will likely shape the future of cybersecurity and that can help an organization better prepare to face cyberthreats.

    In this era of “polycrisis”, with renewed threats from growing geopolitical tensions, achieving cyber-resilience is one of the biggest cybersecurity challenges: it is not a one-time or a one-actor effort, and a harmonized approach that stretches across borders and businesses is necessary.

  • Why Security Awareness Training Is Important for Businesses in 2023 – EC-Council

    Enterprise security professionals must be proactive in dealing with the security risks that are rising in today’s business environment. A solid strategy is necessary to deal with incoming threats, and awareness is the first step in developing effective cyber defenses. Data is easily accessible within many organizations, and when confronted with security risks, employees often do not know how to mitigate them. Security awareness training empowers employees to take corrective measures.
    This whitepaper discusses some of the top security concerns and issues that organizations currently face, which include:
    Apart from outlining the threats, security awareness training should also offer guidance on the importance of security awareness, the challenges involved, and how to overcome these challenges. As cybersecurity threats constantly change, security awareness training should be designed to help employees be alert to the latest threats and take appropriate defensive steps.
     
    Organizations must educate employees on the importance of protecting their data and systems, regardless of their job function. Running phishing simulations, conducting vulnerability assessment tests, and creating personalized content for security training and education are vital in improving defense systems. Updates should prioritize feedback from these processes. When employees know about cybersecurity risks, organizations are less likely to be hacked and can worry less about massive data breaches. Read the complete whitepaper here.

  • Ferris launches first-year space cybersecurity class – The Pioneer

    Abigail Peterson (right), a senior in Information Security and Intelligence, works with graduate student Will Allington (left) on research for Ferris State University’s new course Satellites and space cybersecurity. 
    Abigail Peterson (right), a senior in Information Security and Intelligence from White Lake, works with Kyle Bowen (left) on research for Ferris State University’s new course Satellites and space cybersecurity. 
    Satellites and space cybersecurity is a brand new first-year course at Ferris State University in the Information Security and Intelligence program. 
    BIG RAPIDS — A first-year course in Ferris State University’s Information Security and Intelligence program now represents a significant work in progress in supporting the Center for Cybersecurity and Data Science, a course that will require a $32.5 million facility being built on campus.
    Satellites and Space Cybersecurity is a brand new course in which student researchers pursuing master’s degrees and upper-level students are working under the direction of Molly Cooper, an associate professor in the Information Security and Intelligence program.
    Leading the student research is Will Allington, a graduate student from Howard City, who says this seven-week course reviews space cybersecurity.
    Allington said the class will offer new opportunities to explore the space communications field.
    “In an accelerated format, we will address many aspects of the space system, where an orbiting satellite has a network of ground equipment that supports its data delivery,” Allington said. “ISIN 380 is a class for juniors and seniors, where they rely on previous coursework to help make appropriate determinations in this rapidly changing communications field.”
    A wide range of orbiting communications equipment is under consideration for study, from space vehicles weighing more than two tons to picosatellites, miniaturized satellites whose mass is only a pound or two and which provide a short service life in amateur communications.
    Cooper said the class is a pilot offering in the fall, and the half-semester course this spring is its official addition to the curriculum.
    The university is just getting started in a five-year education partnership agreement with the National Security Agency.
    “We are excited to be developing coursework that can be focused into a graduate certificate program to outfit professionals with the learning they need to begin careers in space cybersecurity,” Cooper said.
    The federal government has authorized defense laboratories to create partnerships with institutions, including colleges, universities and nonprofits, dedicated to fields such as STEM, business and law.
    The NSA will offer experts to help develop academic projects and programs in STEM-related fields. The agency also will provide academic and career advice to students and offer program and research advice to Ferris faculty and staff.
    Allington said that the course’s development is valuable to the national and global community and the students who will gain from the experience.
    “The race is on to place satellites, with the spectrum becoming rather crowded,” Allington said. “There are considerations in international law, and one of many goals here is to avoid the presence of ‘space junk’ through best practices that promote stewardship and careful attention to satellite operations.”
    Information Security and Intelligence also has collaborative relationships with the Department of Homeland Security, The Pentagon and numerous Fortune 500 companies.
    The Information Security and Intelligence program will be among the programs moving into the new Center for Virtual Learning on the Big Rapids campus this fall.
    The $32.5 million facility, which includes $22 million from the state of Michigan, will feature next-generation classrooms and labs, an advanced Cyber Competition Center and an e-sports arena.
     


  • Offensive Security Is Now OffSec – Refresh Reflects Future of … – Dark Reading

    NEW YORK, March 1, 2023 /PRNewswire/ — Offensive Security (OffSec), the leading provider of hands-on cybersecurity education, today unveiled a refreshed brand identity including a new, shortened name, OffSec. This update reflects OffSec’s commitment to helping cybersecurity professionals and organizations look beyond traditional training and certification to provide additional educational content and hands-on resources that help learners advance in their field and companies develop their security team members.
    The abbreviated name reflects OffSec’s move beyond offensive security topics with expansion into new areas such as defensive security, and new learning paths for today’s most in-demand cybersecurity job roles. The OffSec brand also speaks to the company’s expansion beyond training and beyond certification to a continuous learning model that supports the unique needs of organizations and individual learners alike. The company’s new tagline, The Path to a Secure Future™, highlights OffSec’s commitment to supporting security professionals and infosec teams in achieving cyber preparedness through a growing skills library focused on keeping pace with evolving cyber threats.
    Offensive Security built its global reputation on penetration testing training with its flagship course, Penetration Testing with Kali Linux, and the OSCP certification. The company is the developer and maintainer of Kali Linux, the widely popular open-source distribution used by infosec professionals worldwide. More recently, OffSec has moved well beyond foundational pentesting topics and has added new content and certifications in Cloud Security, Web Application Security, Secure Software Development, Security Operations, and Exploit Development. The ever-growing OffSec Learning Library (OLL) currently includes nearly 6,000 hours of written content, 1,500 videos, 2,500 practical exercises, and 900 hands-on labs, with more being added all the time. The OLL features an unmatched depth and breadth of content, helping learners build indispensable skills by offering a comprehensive variety of role-specific content, from entry-level to advanced.
    “OffSec broke the mold when we started with a new way of presenting information security training, and with the OffSec Learning Library we are so excited to do it again,” Jim O’Gorman, Chief Content and Strategy Officer at OffSec said. “Our library approach allows us to continue to offer our industry-leading content, but in a more flexible non-linear approach allowing for a more customizable learning experience. Learners can engage with OffSec content in a course-based context, follow learning paths specific to job roles or skill sets, or pick and choose their own pathway through a multitude of learning units and modules. This approach allows everyone, regardless of skill level or experience, to have custom access to unparalleled cybersecurity learning content, all of which embody OffSec’s highly-regarded and time-tested approach and methodology.”
    About the brand refresh, Scott Ablin, OffSec’s Chief Marketing Officer said, “Since our inception, we’ve been at the forefront of cybersecurity education and offered training by the best practitioners. We defined the industry with our intense, hands-on, practical approach. As OffSec, we are expanding our content and learning paths to prepare learners for career advancement and organizations for current and future threats. We all know the cybersecurity threat landscape is continually changing, and our new brand symbolizes our commitment to keeping pace for individual professionals looking for education to advance their career and organizations who seek to recruit, retain, and upskill top talent.”
    Elements of the refreshed identity include:
    New Logo:
    The logo mark is now in a circular shape to mirror the “O” in OffSec. It has morphed from the familiar Offensive Security door icon to the shape of a path, symbolizing the onward voyage for infosec professionals and teams.
    New Brand Colors:
    Previously red and black, the rebranded logo mark is rendered in a teal-to-purple gradation, reflecting the process of educational change experienced by learners, a movement driven by a philosophy dedicated to transforming students into industry leaders.
    New Tagline: The Path to a Secure Future™
    OffSec defined the industry with its intensive, practical approach. Our methodology, content, and learning paths prepare organizations and learners for whatever lies ahead on their journey – whether it’s securing their future by upskilling for an individual, or team development that provides organizations a more secure posture.
    New Website Address:
    Website visitors can learn more about the company, purchase a course or package, request a meeting, or explore free learning resources at offsec.com.
    About OffSec
    OffSec is the leading provider of continuous professional and workforce development, training, and education for cybersecurity professionals. Created by the community for the community, OffSec’s one-of-a-kind mix of practical, hands-on training and certification programs, virtual labs, and open-source projects provide practitioners with the highly desired offensive skills to get a job, advance their careers and better protect their organizations. OffSec is committed to funding and growing Kali Linux, the leading operating system for penetration testing, ethical hacking, and network security assessments. For more information, visit offsec.com and follow @OffSectraining and @kalilinux on Twitter.

  • Can a Cybersecurity Awareness Course Keep You Safe Online? – MUO – MakeUseOf

    If you’re looking to train yourself and employees in solid cybersecurity measures, security awareness training is essential.
    The increasing number of data breaches, unintentional leaks, and other incidents are forcing individuals and companies to learn how to defend themselves against cybersecurity threats.
    One of the ways to protect yourself from cyber threats is to undergo security awareness training. Training people about cybersecurity helps them stay safe online and at home. Awareness training, for instance, can help prevent cyber threats and promote strong security cultures.
    Cybersecurity awareness is the ongoing process of educating and training people about online security threats as well as how to spot and respond to ransomware, phishing, hacking, and other attacks. It includes being aware of the risks associated with using the internet, email, and social media.
    The best approach to spreading awareness is equipping people with the knowledge they need to identify, prevent, and fix security issues. Here are the two top cybersecurity awareness training courses.
    KnowBe4 is a leading player in security awareness training that aims to equip individuals with the knowledge and tools they need to make wiser security decisions.
    The platform offers a massive library of security awareness training content. The training materials include over 1,000 interactive modules, games, and videos.
    KnowBe4 supports the simulation of various phishing attacks and allows companies to create custom templates and campaigns. It also provides reporting and insights to monitor the success of your security awareness training campaigns.
    Cofense is a training services company that offers thousands of educational resources, including videos and infographics. It provides training with a specific emphasis on phishing and email security topics.
    The company provides a variety of pre-built, but customizable phishing scenarios, including malicious attachments and landing pages. In addition, the platform uses machine learning to recommend phishing scenarios.
    Enforcing cybersecurity awareness training is a great way to build a risk-aware workforce. It can help minimize online security risks, including phishing attempts, malware infections and data breaches.
    Data breaches, in particular, cost companies millions of dollars, most of which result from human error. A key goal of awareness training is to minimize the contribution of human error in causing or facilitating security breaches.
    Denis is an environmental science graduate who started freelance writing in 2016, while still working as a loan officer. He mostly writes on topics related to cybersecurity threats, security vulnerabilities, and cloud security best practices. In his spare time, he enjoys reading, watching movies, and listening to music.


  • Readout from CISA's Sixth Cybersecurity Advisory Committee Meeting – CISA

    WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) held its sixth Cybersecurity Advisory Committee meeting, the first quarterly meeting of 2023.  
    Swearing in the new members announced yesterday, Director Easterly highlighted how their background and expertise will provide additional insight into how CISA can protect the nation’s critical infrastructure from increasing cyber threats, to include informing our work to help ‘target-rich, cyber-poor’ sectors. She discussed how bringing on leaders with rich background in government, including two former Congressmen, the recently retired National Cyber Director, and leaders from the State of New Hampshire and the UK’s former CEO of National Cyber Security Centre is critical to our efforts to collaborate across all levels of government and across the globe. She also spoke to the collective insight of the group from leading technology manufacturers, including several new members, that will inform our work to encourage technology manufacturers to build products that are both secure by default and secure by design. 
    Director Easterly then led a discussion on CISA’s response to the recommendations submitted at the September 2022 meeting and subcommittees’ path forward.  Chairs of each subcommittee, including Transforming the Cyber Workforce, Turning the Corner on Cyber Hygiene, Technical Advisory Council, Building Resilience and Reducing Systemic Risk to Critical Infrastructure, National Cybersecurity Alert System, and Corporate Cyber Responsibility, discussed the path forward and work to come based on this feedback. 
    Established in 2021, the Committee was created to provide recommendations to the CISA Director that will help to advance the cybersecurity mission of CISA as well as strengthen the cybersecurity of the United States.
    “I am thrilled to welcome our newest members, who bring a wealth of experience from across government and industry and look forward to their added perspectives in making recommendations to build a more cyber resilient nation to confront the cybersecurity challenges we face,” said CISA Director Jen Easterly. “The insightful recommendations the Committee has already developed, and their continuous work are instrumental in helping CISA become the Nation’s Cyber Defense Agency our nation needs and deserves.”
     The next CISA Cybersecurity Advisory Committee meeting will be in-person in June. Details and information on how to attend will be forthcoming.        
     The full agenda from today’s meeting is available here. More information on CISA’s Cybersecurity Advisory Committee is available here.
    About CISA 
    As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.
    Visit CISA.gov for more information and follow us on Twitter, Facebook, LinkedIn, Instagram.


  • Most mid-sized businesses lack cybersecurity experts, incident … – Help Net Security

    99% of all businesses across the United States and Canada are mid-sized businesses facing cybersecurity challenges, according to a Huntress report.
    Aimed at gaining insights into organizational structure, resources and cybersecurity strategies, the results contextualize challenges across core functions, including gaps in toolkits, planning, staffing and security awareness training, and difficulty securing cybersecurity insurance.
    “In some regards, this research tells a virtual ‘Tale of Two Cities’ for mid-size and smaller businesses. Many report solid progress in strengthening their cyber defenses, while others acknowledge they face significant gaps in resources and talent that substantially increases their cyber risk,” commented Kyle Hanslovan, CEO of Huntress.
    Mid-sized businesses are increasingly aware of the need for layered cybersecurity strategies. However, more tools doesn’t necessarily equal more protection.
    Research showed a large portion of respondents weren’t deploying threat monitoring, endpoint detection and response, vulnerability scanning, patch management or network detection and response.
    Perhaps most alarming, 47% of respondents reported their organization does not currently have an incident response plan, which puts the organization at a severe disadvantage for quickly and effectively fighting off security incidents when they occur.
    Beyond lacking necessary security solutions, mid-sized businesses also struggled to implement basic training measures and recruit the necessary staff. In fact, 61% of respondents say they do not have dedicated cybersecurity experts in their organization and only 9% say their workers adhere to security best practices.
    These gaps create major obstacles when fighting off cyberattacks in today’s advanced threat landscape as the fewer defenders there are to bolt the door shut, the more paths there are for cybercriminals to get through the defenses.
    While this challenge permeates businesses of all sizes, mid-sized companies are often strapped for money and resources, making it more difficult to effectively recruit and retain the talent they desperately need.
    Mid-sized organizations are feeling the residual effects of their security gaps when going through the process of securing cyber insurance. While the demand for cyber insurance is increasing, it’s becoming harder to secure because the fundamentals aren’t being adequately met.
    Findings showed that while 69% of respondents reported they are required to carry some form of cyber insurance, nearly 30% reported having no cyber insurance coverage, highlighting the immediate need to shore up cyber hygiene in order to lock in protection.


  • SEC Proposes New Requirements to Address Cybersecurity Risks … – SEC.gov

    FOR IMMEDIATE RELEASE
    2023-52
    Washington D.C., March 15, 2023 —
    The Securities and Exchange Commission today proposed requirements for broker-dealers, clearing agencies, major security-based swap participants, the Municipal Securities Rulemaking Board, national securities associations, national securities exchanges, security-based swap data repositories, security-based swap dealers, and transfer agents (collectively, “Market Entities”) to address their cybersecurity risks.
    “I am pleased to support this proposal because, if adopted, it would set standards for Market Entities’ cybersecurity practices,” said SEC Chair Gary Gensler. “The nature, scale, and impact of cybersecurity risks have grown significantly in recent decades. Investors, issuers, and market participants alike would benefit from knowing that these entities have in place protections fit for a digital age. This proposal would help promote every part of our mission, particularly regarding investor protection and orderly markets.”
    Market Entities increasingly rely on information systems to perform their functions and provide their services and thus are targets for threat actors who may seek to disrupt their functions or gain access to the data stored on the information systems for financial gain. Cybersecurity risk also can be caused by the errors of employees, service providers, or business partners. The interconnectedness of Market Entities increases the risk that a significant cybersecurity incident can simultaneously impact multiple Market Entities causing systemic harm to the U.S. securities markets.
    The proposal would require all Market Entities to implement policies and procedures that are reasonably designed to address their cybersecurity risks and, at least annually, review and assess the design and effectiveness of their cybersecurity policies and procedures, including whether they reflect changes in cybersecurity risk over the time period covered by the review. The proposal — through new notification requirements applicable to all Market Entities and additional reporting requirements applicable to Market Entities other than certain types of small broker-dealers (collectively, “Covered Entities”) — would improve the Commission’s ability to obtain information about significant cybersecurity incidents affecting these entities. Further, new public disclosure requirements for Covered Entities would improve transparency about the cybersecurity risks that can cause adverse impacts to the U.S. securities markets.
    The proposing release will be published in the Federal Register. The public comment period will remain open until 60 days after the date of publication of the proposing release in the Federal Register.