The SEC says companies must disclose more information about cybersecurity risks
From TechCrunch, Catherine Shu reports on new guidance from the U.S. Securities and Exchange Commission regarding the need for public companies to be more forthcoming with disclosures of cyber risk before a breach occurs. This expands on previous guidance from 2011 warning against the trading of shares when cybersecurity issues have yet to be made public.
In a press release last week, the Department of Energy announced the creation of a new Office of Cybersecurity, Energy Security, and Emergency Response (CESER). The office will be led by an Assistant Secretary and focus on energy infrastructure security using a proposed budget of $96 million included in the White House proposed FY19 budget.
Homeland Security chief touts effort on election cybersecurity
Morgan Chalfant from The Hill reports on a statement issued by Homeland Security Secretary Kirstjen Nielsen Tuesday regarding DHS efforts to shore up state and local election security efforts. The statement highlights recent meetings with state and local election officials that included classified intelligence briefings on prominent cyber risks facing U.S. voting systems.
Lack of Security Upgrades Threaten Health IT Infrastructure
From HIT Infrastructure, Elizabeth O’Dowd writes on the need for healthcare IT systems to have greater efforts placed on maintaining security as healthcare organizations spend more money on upgrading their technology. Citing a recent AJMC study, O’Dowd notes that network based theft of patient records are the least frequent by most impactful attacks on patient privacy.