Breach Notification , Business Continuity Management / Disaster Recovery , Critical Infrastructure Security

Why New Incident Reporting Mandates Are 'Groundbreaking'

Former NSA Deputy Commander Tim Kosiba on Top Healthcare Sector Cyber Concerns
Why New Incident Reporting Mandates Are 'Groundbreaking'
Former NSA Deputy Commander Tim Kosiba, CEO of Bracket f.

New legislation mandating cyber incident reporting for critical infrastructure providers within 72 hours, and the reporting of ransom payments within 24 hours, is "groundbreaking," with potentially significant implications, says National Security Agency Deputy Commander Tim Kosiba, CEO of security firm bracket f.

"Our government is emphasizing the need to report such instances to organizations like the Cybersecurity Infrastructure Security Agency, the FBI, etc. to assist and ensure that the problem doesn't get worse," he says. "So, if you're actually hit by a ransomware attack … now it will ultimately be law that you report that attack," he says in an interview with Information Security Media Group.

Nonetheless, the ability of critical infrastructure operators to meet these mandates will be challenging, he says. "The owners need to take seriously the threat that exists today and prepare their organizations by taking necessary steps to mitigate the possibilities of an attack."

In the interview (audio link below photo), Kosiba also discusses:

Kosiba is CEO of bracket f, a wholly-owned subsidiary of cloud security firm Redacted. He is a former senior government official whose career spans three decades in the Department of Defense, FBI and the U.S. Department of the Navy. Kosiba most recently served as a deputy commander within the NSA where he was responsible for implementation of the NSA's cybersecurity policy. Prior to that role, he served as the chief of computer network operations at NSA.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.