Home Affairs releases second Critical Infrastructure Bill with leftover obligations

At the start of this month, Australia’s Security Legislation Amendment (Critical Infrastructure) Act 2021 became law to give government “last resort” powers to direct an entity to gather information, undertake…

US Senate passes $768 billion defense bill without cyber incident reporting provisions

The US Senate passed the The National Defense Authorization Act (NDAA) on Wednesday, approving the $768 billion annual defense spending bill that was packed with cybersecurity provisions. The bill now heads…

Cyber incident reporting mandates suffer another congressional setback

Written by Tim Starks Dec 7, 2021 | CYBERSCOOP House and Senate negotiators have excluded provisions from a must-pass defense bill that would have mandated many companies to report major…

Security experts question new DHS/TSA cybersecurity rules for rail companies

On Thursday, the Department of Homeland Security (DHS) released new rules for the US’s freight railroad and passenger rail transit industry. The rules make it mandatory for companies to have…

DHS: Cybersecurity coordinators and vulnerability assessments mandatory for rail companies

The Department of Homeland Security (DHS) announced two new cybersecurity directives handed down by the Transportation Security Administration (TSA) on Thursday designed to better protect freight railroads and passenger rail transit…

Incident reporting, ransomware payment legislation faces trouble in Senate

Written by Tim Starks Nov 24, 2021 | CYBERSCOOP Legislation requiring critical infrastructure owners to report major cyber incidents to the federal government, and mandating that ransomware victims disclose when…