Recently on 1 March 2022, the US Senate passed the American Cybercrime Act 2022. According to which in critical infrastructure, the federal agencies and organizations have to report cybercrimes in 72 hours. Organizations should also report cyber crimes and ransom demands and payments. Senator Gary Peters and Senator Rob Portman backed the bill with bipartisan support.
It will be marked as the most significant cyber bill to make through the Senate in the chamber’s history. In the past, there was another important legislation presented in 2015 and successfully passed, known as Cybersecurity Information Sharing Act. According to this, companies were given legal cover to report cyber threats to the government voluntarily.
The bill’s primary purpose is to bolster the posture of federal government cybersecurity. Another reason includes reporting any cybercrime or ransom payment of the critical infrastructure senate.
The Senate passed the act due to a warning of the potential for Russian cyberattacks targeting US organizations. It was presented by the Department of Homeland Security and Cybersecurity and Infrastructure Security Agency.
The Strengthening American Cybersecurity Act 2022 will include federal agencies’ reports about cybercrimes and ransomware. The bill also has a notice to CISA to report ransom demands within 24 hours and cyber incidents within 72 hours. There wasn’t any notice to report cyber threats to the FBI. However, the bill provided CISA with a mechanism to share the information with federal agencies.
The bill has specific minimum requirements for reporting to CISA. Furthermore, the content of reporting a cybercrime or cyber incident should include:
On the other hand, reporting a ransom payment will include:
Rogue Logics provides in-depth security services for assessing and protecting your application, data, and infrastructure against potential threats on-prem or in the cloud.
Want a consultation with the professionals at Rogue Logics? Contact us and get a free quote.