Positive Security News - Edition 11
Hello all, another week another roundup! Welcome back to the Positive Security News where it's not all doom and gloom in the cyber security industry!
US Senate passes Cybersecurity act forcing orgs to report cyberattacks and ransom payments
Roughly two weeks ago we spoke on Australia amending their cybersecurity legislation, introducing a new mandatory "ransomware incident reporting regime", we now find the U.S. following a similar principle.
A new bill enforces critical infrastructure organisations to now inform the Cybersecurity and Infrastructure Security Agency, more commonly know as CISA, about Cyber attacks within "72 hours and ransomware payments within 24 hours".
2. Online Safety Bill tweaked to target scam ads
Do you ever find yourself on a website (dubious or not) with the ever present "You've been hacked" or "Add this extension now!" pop ups trespassing on your screen?
Well fear not! New legislation introduced this week as a part of the Online Safety Bill is making platforms more accountable for the adverts they permit to run on their site. This will allow individuals to interact with these advertisements, without the fear of engaging with malicious content.
Former I'm a Celeb contestant and current Digital Secretary Nadine Dorries said:
"We are also announcing a review of the wider rules around online advertising to make sure industry practices are accountable, transparent and ethical - so people can trust what they see advertised and know fact from fiction."
Very promising stuff!
Source: BBC News
3. Funding to be given to U.S. schools for Cyber Education Programs
Now rounding up, we are travelling back to the United States for more Cybersecurity progression!
Another new piece of legislation appropriately named "Cybersecurity Grants For Schools Act of 2022" was also introduced this week, allowing allocation of federal grants to state governments to "provide a stronger Cybersecurity curriculum to younger generations".
The bill states "The Director may award financial assistance in the form of grants or cooperative agreements to States, local governments, institutions of higher education"..."nonprofit organizations, and other non-Federal entities as determined appropriate by the Director for the purpose of funding cybersecurity and infrastructure security education and training programs and initiatives", and, "to address the national shortfall of cybersecurity professionals".
This is refreshing and much needed, as Cyber education for younger generations will help better shape the future. We know over in the UK how challenging it is to enter the Cyber industry, with roughly 0.077% of our population employed in Cyber roles, so it is revitalising to see America taking steps by incentivising youngsters and introduce them to the industry. Let's hope the UK follow suit!
And so that does it for this week's Positive Security News, be sure to stick around for next week's edition! Until then!