The US Securities and Exchange Commission (SEC) has instigated a new rule requiring all registrants to disclose significant cyber incidents and describe their cyber risk management programmes within four days of detection. Ruling S7-09-22 aims to increase transparency for investors and encourage companies to invest in robust cyber security measures. However, the legislation’s wording is ambiguous, and there has been criticism regarding the lack of mandated boardroom cyber collaboration and expertise.
Hackers using malware to steal data from USB flash drives
Cybercriminals are using USB flash drives to spread malware through a process not relying on network vulnerabilities, hence bypassing traditional security systems. They use tools
