The Cybersecurity and Infrastructure Security Agency (CISA) has proposed a cyber incident reporting structure covering 16 critical sectors. The rule, although sector-based, would require entire entities, not just specific facilities or functions, to report any significant cyber incidents or ransom payments. This broad approach would assist the agency in performing extensive threat and trend analysis. Entities would have 60 days from April 4 to give written comments on the proposed rule.
Spike in Layoffs Pose Serious Cybersecurity Concerns
Redundancies at tech businesses have increased data security risks. Ex-employees often retain access to a company’s digital resources, posing potential data misuse threats. Businesses need