Multiple agencies are expected to act on incident reporting requirements in the new year as work to digest industry feedback continues at the Securities and Exchange Commission and Cybersecurity and Infrastructure Security Agency, while changes to federal acquisition regulations from the 2021 cyber executive order are coming along with the release of the long-awaited national cyber strategy. The SEC will reveal next steps on its controversial proposal to require publicly traded companies to disclose cyber incidents and report on the...
