Industry groups push back on cyber incident rules requiring “full access”
The proposed rules would also require ICT contractors to report a cyber incident to the government within eight hours.
The proposed rules would also require ICT contractors to report a cyber incident to the government within eight hours.
Log4j will keep agencies busy into the new year, but experts say the federal enterprise made progress a year after SolarWinds.
Cyber incident reporting requirements for critical infrastructure companies and other federal cybersecurity provisions were left out of this year’s NDAA.
TSA is expected to issue new security directives for passenger and freight rail operators in the coming weeks.