NIS2 introduces a 24-hour reporting obligation for cyberattacks, requiring organizations to comply with significantly faster incident reporting requirements.
The NIST backlog results from strategic deficits and duplicate structures with CISA, with both agencies operating parallel vulnerability enrichment programs since May 2024 and wasting approximately $200,000 in funds.
Attackers remained undetected for five months in a stock exchange executive’s mailbox and exfiltrated data via popular cloud services to evade detection.