The “AI Incident Reporting Act” draft makes reporting of critical AI incidents a legal obligation instead of voluntary practice, with penalties of up to two million dollars.
A majority of CISOs report pressure from management to delay or withhold negative security disclosures, despite regulatory requirements and best practices demanding prompt transparency.