by Ravie Lakshmanan at The Hacker News
The U.S. Senate unanimously passed the “Strengthening American Cybersecurity Act” on Tuesday in an attempt to bolster the cybersecurity of critical infrastructure owners in the country.
The new bipartisan legislation, among other things, stipulates entities that experience a cyber incident to report the attacks within 72 hours to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), in addition to alerting the agency about ransomware payments within 24 hours.
Furthermore, affected organizations are required to preserve relevant data and promptly share updates “to a previously submitted covered cyber incident report if substantial new or different information becomes available or if the covered entity makes a ransom payment after submitting a covered cyber incident report.”
The Strengthening American Cybersecurity Act of 2022 combines three different bills: the Cyber Incident Reporting Act (CIRA), the Federal Information Security Management Act (FISMA), and the Federal Secure Cloud Improvement and Jobs Act (FSCIJA)…Continue Reading