In rapid succession, the following occurred:
Congress enacted new cybersecurity requirements for critical infrastructure.
U.S. Securities and Exchange Commission proposed a new cybersecurity rule.
U.S. Department of Justice unsealed indictments of Russian cyber operatives targeting the U.S. energy sector.
Federal Bureau of Investigation and the U.S. Department of Homeland Security pushed out new cybersecurity advisories.
This update summarizes the threats that the indictments described and sets the stage for new security and incident response requirements.