<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Public Policy &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/public-policy/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Thu, 04 Dec 2025 14:00:00 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>From Policy to Practice: Why Cyber Resilience Needs a Reboot</title>
		<link>https://noise.getoto.net/2025/12/04/from-policy-to-practice-why-cyber-resilience-needs-a-reboot/</link>
		
		<dc:creator><![CDATA[Rapid7]]></dc:creator>
		<pubDate>Thu, 04 Dec 2025 14:00:00 +0000</pubDate>
				<category><![CDATA[artificial intelligence]]></category>
		<category><![CDATA[Government]]></category>
		<category><![CDATA[Public Policy]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=aa7fbeeaf2b43c3dda19a3715fbf5eef</guid>

					<description><![CDATA[In cybersecurity today, regulation is everywhere, but resilience isn’t keeping pace.In this episode of Experts on Experts: Commanding Perspectives, Craig Adams chats with Sabeen Malik, VP of Public Policy &#38; Government Affairs at Rapid7, about what’s br...]]></description>
		
		
		<enclosure url="https://images.contentstack.io/v3/assets/blte4f029e766e6b253/bltf8317b2e5bfec732/68adbeaa4f9d3d04bd8228e9/experts-on-experts.png" length="0" type="" />

			</item>
		<item>
		<title>Incident Reporting Regulations Summary and Chart</title>
		<link>https://noise.getoto.net/2022/08/26/incident-reporting-regulations-summary-and-chart/</link>
		
		<dc:creator><![CDATA[Harley Geiger]]></dc:creator>
		<pubDate>Fri, 26 Aug 2022 13:31:26 +0000</pubDate>
				<category><![CDATA[Compliance]]></category>
		<category><![CDATA[Government]]></category>
		<category><![CDATA[incident response]]></category>
		<category><![CDATA[Public Policy]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=cf432b00bb73570229de024e8f40f809</guid>

					<description><![CDATA[A growing number of regulations require organizations to report cybersecurity incidents. This chart summarizes 11 proposed and current cyber incident reporting regulations and breaks down their common elements, such as who must report, what incidents must be reported, deadlines, and more.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/08/blog-image-Incident-Reporting-1.png" length="0" type="" />

			</item>
		<item>
		<title>Avoiding Smash and Grab Under the SEC’s Proposed Cyber Rule</title>
		<link>https://noise.getoto.net/2022/08/23/avoiding-smash-and-grab-under-the-secs-proposed-cyber-rule/</link>
		
		<dc:creator><![CDATA[Harley Geiger]]></dc:creator>
		<pubDate>Tue, 23 Aug 2022 16:53:26 +0000</pubDate>
				<category><![CDATA[Compliance]]></category>
		<category><![CDATA[incident response]]></category>
		<category><![CDATA[Public Policy]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=8110f6e8080866adaa05fb25e9314ae5</guid>

					<description><![CDATA[The SEC proposed a rule to require companies to publicly report cybersecurity incidents. This post explains why public disclosure of an incident before mitigation or containment raises the risk of harm, and suggests a solution that avoids harm while still promoting disclosure.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/08/smash-and-grab.jpg" length="0" type="" />

			</item>
		<item>
		<title>Navigating the Evolving Patchwork of Incident Reporting Requirements</title>
		<link>https://noise.getoto.net/2022/08/10/navigating-the-evolving-patchwork-of-incident-reporting-requirements/</link>
		
		<dc:creator><![CDATA[Peter Woolverton]]></dc:creator>
		<pubDate>Wed, 10 Aug 2022 13:30:00 +0000</pubDate>
				<category><![CDATA[Compliance]]></category>
		<category><![CDATA[Public Policy]]></category>
		<category><![CDATA[Rapid7 Perspective]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=eb93b12ca7e34a068ed84eafedb44924</guid>

					<description><![CDATA[Rapid7 is supportive of CIRCIA and cyber incident reporting, but we encourage regulators to ensure reporting rules do not impose unnecessary burdens.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/08/incident-reporting-patchwork.jpg" length="0" type="" />

			</item>
		<item>
		<title>New US Law to Require Cyber Incident Reports</title>
		<link>https://noise.getoto.net/2022/03/10/new-us-law-to-require-cyber-incident-reports/</link>
		
		<dc:creator><![CDATA[Harley Geiger]]></dc:creator>
		<pubDate>Thu, 10 Mar 2022 16:06:09 +0000</pubDate>
				<category><![CDATA[Government]]></category>
		<category><![CDATA[incident response]]></category>
		<category><![CDATA[Public Policy]]></category>
		<category><![CDATA[Rapid7 Perspective]]></category>
		<category><![CDATA[Russia-Ukraine Conflict]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=6df1f033db8dcfa733c962ac321b98fd</guid>

					<description><![CDATA[The Cyber Incident Reporting for Critical Infrastructure Act of 2022 will require critical infrastructure owners and operators to report cyber incidents and ransomware payments. This post will walk through highlights from the new law.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/03/cyber-reporting.jpg" length="0" type="" />

			</item>
		<item>
		<title>Prudent Cybersecurity Preparation for the Potential Russia-Ukraine Conflict</title>
		<link>https://noise.getoto.net/2022/02/16/prudent-cybersecurity-preparation-for-the-potential-russia-ukraine-conflict/</link>
		
		<dc:creator><![CDATA[boB Rudis]]></dc:creator>
		<pubDate>Tue, 15 Feb 2022 22:23:23 +0000</pubDate>
				<category><![CDATA[Public Policy]]></category>
		<category><![CDATA[Rapid7 Perspective]]></category>
		<category><![CDATA[research]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=3334e96d687dda4ce7a96ede094d3094</guid>

					<description><![CDATA[Fending off an attack from a well-resourced nation state is a nightmare scenario for cybersecurity teams. Here are some steps your organization can take to bolster its defenses.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/02/cybersecurity-preparations.jpg" length="0" type="" />

			</item>
		<item>
		<title>How Ransomware Is Changing US Federal Policy</title>
		<link>https://noise.getoto.net/2022/01/26/how-ransomware-is-changing-us-federal-policy/</link>
		
		<dc:creator><![CDATA[Harley Geiger]]></dc:creator>
		<pubDate>Wed, 26 Jan 2022 14:15:36 +0000</pubDate>
				<category><![CDATA[Public Policy]]></category>
		<category><![CDATA[ransomware]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=8432e1e6a880c842641aeb9417dcf61a</guid>

					<description><![CDATA[The increased stakes of the ransomware threat are pushing regulators to take a harder look at whether regulatory requirements for cybersecurity safeguards are effective.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/01/ransomware-us-policy.jpg" length="0" type="" />

			</item>
		<item>
		<title>2022 Planning: Simplifying Complex Cybersecurity Regulations</title>
		<link>https://noise.getoto.net/2021/12/09/2022-planning-simplifying-complex-cybersecurity-regulations/</link>
		
		<dc:creator><![CDATA[Harley Geiger]]></dc:creator>
		<pubDate>Thu, 09 Dec 2021 14:15:00 +0000</pubDate>
				<category><![CDATA[2022 Planning]]></category>
		<category><![CDATA[Compliance]]></category>
		<category><![CDATA[Public Policy]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=059fbe31684ccfecbb284b228c9b4f0c</guid>

					<description><![CDATA[Cybersecurity regulations often require similar baseline security practices, even though the legislation may structure compliance requirements differently.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/12/simplifying-cybersecurity-regulations.jpg" length="0" type="" />

			</item>
		<item>
		<title>3 Strategies That Are More Productive Than Hack Back</title>
		<link>https://noise.getoto.net/2021/12/07/3-strategies-that-are-more-productive-than-hack-back/</link>
		
		<dc:creator><![CDATA[boB Rudis]]></dc:creator>
		<pubDate>Tue, 07 Dec 2021 16:07:15 +0000</pubDate>
				<category><![CDATA[cybersecurity]]></category>
		<category><![CDATA[Public Policy]]></category>
		<category><![CDATA[Security Strategy]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=268e0de816c9717cacb17c7b2ce331ec</guid>

					<description><![CDATA[Hack back, as used by non-government entities, is problematic for many reasons. Here are 3 alternative strategies to thwart the attackers.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/12/3-strategies-hack-back.jpg" length="0" type="" />

			</item>
		<item>
		<title>Thawing Out the Chilling Effect Of DMCA Section 1201</title>
		<link>https://noise.getoto.net/2021/11/15/thawing-out-the-chilling-effect-of-dmca-section-1201/</link>
		
		<dc:creator><![CDATA[Harley Geiger]]></dc:creator>
		<pubDate>Mon, 15 Nov 2021 16:55:30 +0000</pubDate>
				<category><![CDATA[Public Policy]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=5543a7575ba6309a286e2323f272e40e</guid>

					<description><![CDATA[The Copyright Office issued the latest rules on security research under DMCA Section 1201. Good news: researchers' legal protections have been strengthened with the removal of the "all other laws" requirement.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/11/ice-flowers-1.jpg" length="0" type="" />

			</item>
		<item>
		<title>Update to GLBA Security Requirements for Financial Institutions</title>
		<link>https://noise.getoto.net/2021/11/10/update-to-glba-security-requirements-for-financial-institutions/</link>
		
		<dc:creator><![CDATA[Harley Geiger]]></dc:creator>
		<pubDate>Wed, 10 Nov 2021 19:55:30 +0000</pubDate>
				<category><![CDATA[Finance]]></category>
		<category><![CDATA[Government]]></category>
		<category><![CDATA[Public Policy]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=070fcb8905943f3a3a81b8024a1fab71</guid>

					<description><![CDATA[The FTC updated cybersecurity requirements for financial institutions under GLBA. This includes access controls, regular penetration testing and vulnerability scanning, and incident response, among other things. Here we'll detail the changes in comparison to the previous rule.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/11/safe.jpg" length="0" type="" />

			</item>
		<item>
		<title>Ransomware: Is Critical Infrastructure in the Clear?</title>
		<link>https://noise.getoto.net/2021/09/24/ransomware-is-critical-infrastructure-in-the-clear/</link>
		
		<dc:creator><![CDATA[Jen Ellis]]></dc:creator>
		<pubDate>Fri, 24 Sep 2021 13:25:19 +0000</pubDate>
				<category><![CDATA[Public Policy]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[Rapid7 Perspective]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=a058b1af6174e800e8e7c77dfb757a54</guid>

					<description><![CDATA[Is critical infrastructure in the clear, is it a specific target of ransomware attackers, or is it simply on the same footing as any other organization?]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/09/critical-infrastructure.jpg" length="0" type="" />

			</item>
		<item>
		<title>Rapid7 Statement on the New Standard Contractual Clauses for International Transfers of Personal Data</title>
		<link>https://noise.getoto.net/2021/09/21/rapid7-statement-on-the-new-standard-contractual-clauses-for-international-transfers-of-personal-data/</link>
		
		<dc:creator><![CDATA[Chelsea Portney]]></dc:creator>
		<pubDate>Tue, 21 Sep 2021 12:53:27 +0000</pubDate>
				<category><![CDATA[cybersecurity]]></category>
		<category><![CDATA[Public Policy]]></category>
		<category><![CDATA[Rapid7 Perspective]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=c0abac10a651b1fa584127f146c25932</guid>

					<description><![CDATA[Rapid7 is committed to upholding high standards of privacy and security for our customers, and we are pleased to be able to offer the New SCCs.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/09/GettyImages-1326018226.jpg" length="0" type="" />

			</item>
		<item>
		<title>Cybersecurity in the Infrastructure Bill</title>
		<link>https://noise.getoto.net/2021/08/31/cybersecurity-in-the-infrastructure-bill/</link>
		
		<dc:creator><![CDATA[Harley Geiger]]></dc:creator>
		<pubDate>Tue, 31 Aug 2021 17:00:00 +0000</pubDate>
				<category><![CDATA[Critical Infrastructure]]></category>
		<category><![CDATA[Government]]></category>
		<category><![CDATA[Public Policy]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=6128a380387a293861ec4c88076baa7d</guid>

					<description><![CDATA[This post provides highlights on cybersecurity in recent infrastructure legislation. Cybersecurity is essential to ensure modern infrastructure is safe, and Rapid7 commends Congress and the Administration for including cybersecurity in the Infrastructure Investment and Jobs Act.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/08/infrastructure.jpg" length="0" type="" />

			</item>
		<item>
		<title>Reforming the UK’s Computer Misuse Act</title>
		<link>https://noise.getoto.net/2021/08/12/reforming-the-uks-computer-misuse-act/</link>
		
		<dc:creator><![CDATA[Jen Ellis]]></dc:creator>
		<pubDate>Thu, 12 Aug 2021 13:36:31 +0000</pubDate>
				<category><![CDATA[cybersecurity]]></category>
		<category><![CDATA[Detection and Response]]></category>
		<category><![CDATA[Public Policy]]></category>
		<category><![CDATA[Rapid7 Perspective]]></category>
		<category><![CDATA[Vulnerability management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=107c038e4af4803c144e379ab3a88afb</guid>

					<description><![CDATA[The CMA is the UK’s anti-hacking law, and we've ​provided feedback on the issues we see with the legislation.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/08/cyber.jpg" length="0" type="" />

			</item>
		<item>
		<title>Hack Back Is Still Wack</title>
		<link>https://noise.getoto.net/2021/08/10/hack-back-is-still-wack/</link>
		
		<dc:creator><![CDATA[Jen Ellis]]></dc:creator>
		<pubDate>Tue, 10 Aug 2021 13:32:24 +0000</pubDate>
				<category><![CDATA[cybersecurity]]></category>
		<category><![CDATA[Government]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[Public Policy]]></category>
		<category><![CDATA[Vulnerability management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=d0cf75f1a2e94612d8ec9478b242f03e</guid>

					<description><![CDATA[The appeal of hack back is easy to understand, but that doesn't make the idea workable. Here, we outline why Rapid7 is against the authorization of private-sector hack back.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/08/govt-security.jpg" length="0" type="" />

			</item>
		<item>
		<title>Rapid7 Joins Statement On DMCA Lawsuits Against Security Tools</title>
		<link>https://noise.getoto.net/2021/06/23/rapid7-joins-statement-on-dmca-lawsuits-against-security-tools/</link>
		
		<dc:creator><![CDATA[Harley Geiger]]></dc:creator>
		<pubDate>Wed, 23 Jun 2021 15:59:00 +0000</pubDate>
				<category><![CDATA[Public Policy]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=08c25e522af00d137533903238928a26</guid>

					<description><![CDATA[Rapid7 joined a statement from cybersecurity community members urging against suppression of security tools and technologies using Section 1201 of the DMCA.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/06/tools.jpg" length="0" type="" />

			</item>
		<item>
		<title>Principles for personal information security legislation</title>
		<link>https://noise.getoto.net/2021/01/21/principles-for-personal-information-security-legislation/</link>
		
		<dc:creator><![CDATA[Harley Geiger]]></dc:creator>
		<pubDate>Thu, 21 Jan 2021 13:30:00 +0000</pubDate>
				<category><![CDATA[Public Policy]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=ebcc2908ea010f0fdd9bd0704b43cb4b</guid>

					<description><![CDATA[Rapid7's principles for laws to protect personal information: 1) Strong but flexible security requirements; 2) Security exemptions from privacy restrictions; 3) State preemption without undermining cybersecurity.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2021/01/shredder-779853_1920.jpg" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 144/146 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-05 19:59:22 by W3 Total Cache
-->