In the Shadow of a War, the US Senate Passes Legislation to Drive Data Breach Transparency


Summary Bullets:

Amy Larsen DeCarlo – Principal Analyst, Security and Data Center Services

• As Russia continues to press into Ukraine, both countries are targets of cyberattacks raising concerns about emboldened hackers escalating their efforts to critical infrastructure in other regions

• With the SolarWinds hack of 2020 still a prominent memory, the US Senate passed legislation it promises to both improve transparency around security events and strengthen support for breached entities

With the Russian invasion of Ukraine looming large over the geopolitical climate, cyberattacks hitting both countries are evidence that threat actors are already playing a major role in the early days of the war. Cyberthreats have long been a top concern, but the current turmoil is lending an increasing urgency around threats to critical infrastructure beyond the current conflict. Russian-based threat actors proved their effectiveness with the SolarWinds attack in which multiple US government agencies including the Department of Defense, the State Department, and the Department of Homeland Security were breached.

One of the major challenges both public and private sector organizations face is a lack of information. This is in part because of actual security incidents getting buried in an impossibly high volume of false positives. But it is also the result of a lack of information sharing between and among peers. This week the US Senate passed legislation that promises to both help drive greater transparency around data breaches and ransomware payments and improve support for impacted organizations.

Continue reading “In the Shadow of a War, the US Senate Passes Legislation to Drive Data Breach Transparency”