Several other regulatory steps and Congress' 60-day period to review the defense industrial base's new cybersecurity standard still loom before it takes effect.
A whistleblower repeatedly tried to get the tech giant to fix a security flaw that left millions of users exposed—including contractors, the State Department, and the National Nuclear Security Administration.