My TechDecisions

Compliance, IT Infrastructure, Network Security, News

Senate-Passed Cybersecurity Bill Requires Incident Reporting Within 72 Hours

The U.S. Senate has passed a bipartisan bill designed to harden U.S. cybersecurity in both public and private sector.

Leave a Comment

Google Cybersecurity Certificate
sarayut_sy/stock.adobe.com

The Senate has passed a bipartisan bill designed to harden U.S. cybersecurity in both public and private sectors requiring organizations to report significant cyberattacks and ransomware payments to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

The proposed bill, Strengthening American Cybersecurity Act, combines language from three bills that Sens. Rob Portman (R-OH), Gary Peters (D-MI) authored and advanced out of their committee, including the Cyber Incident Reporting Act, the Federal Information Security Modernization Act of 2021, and the Federal Secure Cloud Improvement and Jobs Act.

In addition to requiring critical infrastructure owners and operators and civilian federal agencies to report significant cyberattacks and ransomware payments to CISA, the proposed law also seeks to modernize the government’s security posture and authorizes the Federal Risk and Authorization Management Program (FedRAMP) to ensure U.S. agencies can quickly and securely adopt cloud-based technologies, according to the U.S. Senate on Homeland Security and Governmental Affairs.

Per the proposed law, critical infrastructure owners and operators such as banks, electrical grids, water networks and transportation systems have three days to report substantial cyberattacks to CISA, and just 24 hours to report a ransomware payment.

In addition, the law would update federal government cybersecurity laws to improve coordination between agencies and require the government to take a risk-based approach to cybersecurity.

The bill also provides additional authorities to CISA to ensure they are the lead federal agency in charge of responding to cybersecurity incidents on federal civilian networks.

Also, the law would authorize FedRAMP for five years to ensure federal agencies can quickly and securely adopt cloud-based technologies to improve government efficiency.

The passage of the bill comes as CISA and other government agencies are warning U.S. organizations to be on the lookout for large-scale cyberattacks in the wake of Russian’s invasion of Ukraine, which has produced a litany of cyberattacks against both Ukrainian and Russian organizations.

To become law, the bill must also pass in the House and be signed by President Joe Biden.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ