In addition to five new state privacy laws, 2024 is expected to bring not only an amplified number of cyberattacks but also increasingly sophisticated attacks, including using emerging technologies such as artificial intelligence (AI), in what is a quickly and continuously evolving threat landscape.
The new New York cybersecurity regulations require healthcare facilities to appoint a CISO, implement incident response plans, and to face new breach reporting requirements. They will also have access to a total of $500 million in new funding from the state.
Tighter cybersecurity regulations that have already come for certain critical infrastructure industries are now being applied to rail and aviation, as the Biden administration continues a general program of hardening the country's cyber defenses.
There are two pieces of legislation already in front of Congress that would set reporting requirements for ransomware payments, each proposing different time windows for different industries and company sizes. A third now seeks a 48-hour limit.
Biden's executive order is stepping up the nation’s cybersecurity measures and this can help enhance the security of autonomous vehicles where an attack could potentially have catastrophic consequences.
Some of these new DHS cybersecurity regulations have been in the works for some time, but the rapid rollout of changes comes in response to the Colonial Pipeline ransomware attack that created temporary gas shortages.