Last Updated on 04/03/2022 by Nidhi Khandelwal
The “Strengthening American Cybersecurity Act” was unanimously passed by the US Senate in an attempt to improve the cybersecurity of critical infrastructure owners in the country.
The new bipartisan law requires companies that encounter a cyber event to notify the US Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours of the assault, as well as to notify the agency of ransomware payments within 24 hours.
Affected companies must alsIn September 2021, U.S. Senator Rob Portman stated, “As cyber and ransomware attacks continue to rise, the federal government must be able to quickly coordinate a response and hold these bad actors accountable.”
“This bipartisan bill will provide […] comprehensive visibility into the daily cyber attacks occurring across our country, allowing for a whole-of-government reaction, mitigation, and warning to vital infrastructure and others of current and imminent attacks.”
o keep relevant data and disclose updates “to a previously submitted covered cyber incident report if substantial new or different material becomes available or if the covered business makes a ransom payment after submitting a covered cyber incident report.”
The Cyber Incident Reporting Act (CIRA), the Federal Information Security Management Act (FISMA), and the Federal Secure Cloud Improvement and Jobs Act are all part of the Strengthening American Cybersecurity Act of 2022. (FSCIJA).
FSCIJA intends to accelerate the implementation of cloud computing goods and services, foster stronger adoption of secure cloud capabilities, create jobs, and minimize reliance on old information technology, while FISMA integrates more effective cybersecurity procedures.
After being approved by the Senate, the legislation must now be enacted by the House before it can be signed into law.