The Securities and Exchange Commission’s new cybersecurity rules will come into effect on 18 December for large, publicly traded companies; smaller firms have an additional 90 days to comply. The rules, passed in July, require companies to report data breaches within four days and offer clarity on mitigating cyber risks. They also require firms to outline their cybersecurity processes and expertise. Companies, fearing a drop in share price, have expressed concern over the short reporting window.
IoT and ransomware are big security risks, and health systems feel unprepared
US healthcare organizations are facing an increasing number of sophisticated cybersecurity threats, with almost 400 entities reporting incidents linked to ransomware in 2024. Half of
