On March 1, 2022, the U.S. Senate passed by unanimous consent a package of three cybersecurity bills, known collectively as the Strengthening American Cybersecurity Act, which would enhance reporting requirements for certain major cyber incidents and ransomware attacks.
Senators Gary Peters and Rob Portman, who co-sponsored the Act, expressed the urgency of enhancing the nation’s cyber readiness “in the face of potential cyber-attacks sponsored by the Russian government in retaliation for U.S. support in Ukraine.”
The legislation would require critical infrastructure companies and civilian federal agencies to report to the Cybersecurity and Infrastructure Security Agency if they suffer a substantial cyberattack. Critical infrastructure companies would also be required to report making ransom payments in response to a ransomware attack. In addition, the legislation would modernize the federal government’s cybersecurity posture and update the Federal Risk and Authorization Management Program for cloud computing. The legislation now moves to the House for consideration, where a bipartisan group of representatives are working to ensure passage.
Please click here to continue reading on the Cleary Cybersecurity and Privacy Watch blog.