Several recommendations have been given by the Department of Homeland Security to simplify federal cyber incident reporting rules in an effort to ensure no additional burdens to cyberattack-hit organizations, reports The Record, a news site by cybersecurity firm Recorded Future.
Aside from clarifying reportable cybersecurity incident definitions and timelines, as well as considering whether the deferral of breach notifications to victims is needed, the federal government should also deliberate on a unified incident reporting portal to bolster incident report receipt and sharing efficiency, said the DHS in a report sent to Congress. The report also recommended the implementation of a cyber incident reporting form and common incident reporting terms, as well as updates and supplemental reports on incident reporting requirements.
"In the critical period immediately following a cyberattack, our private sector partners need clear, consistent information-sharing guidelines to help us quickly mitigate the adverse impacts," said DHS Secretary Alejandro Mayorkas.
The U.S. House Committee on Homeland Security invited Brad Smith, Microsoft’s top lawyer, to attend a proposed hearing on May 22 to discuss the use of the company’s email software that led to emails of U.S. government officials being obtained by hackers, according to CNBC.
U.S. cybersecurity agencies warn that Russia, China, Iran, and North Korea are increasingly targeting civil society organizations worldwide, according to The Record, a news site by cybersecurity firm Recorded Future.
Chris DeRusha is stepping down as federal chief information security officer after more than three years in the role, during which he significantly contributed to the Biden administration's cybersecurity initiatives, FedScoop reports.