FBI Calling for Real-Time Access to Information Regarding Cyber Incidents
The Federal Bureau of Investigation is pushing Congress to require critical infrastructure organizations to report cyber incidents to the bureau in a more timely fashion and create stronger liability protections for businesses. Commenting on the potential impact of the Cyber Incident Reporting Act, which was recently passed by the Senate, FBI Director Christopher Wray told the House Intelligence Committee on Tuesday that he endorses the concept of the bill but believes the FBI should have real-time access to information regarding cyberattacks.
Wray’s comments come as the Department of Justice and the FBI urge lawmakers to amend the bill’s reporting requirement. The current bill requires organizations to report incidents to the Cybersecurity and Infrastructure Security Agency, which would then relay the report to the FBI within 24 hours. DOJ and FBI officials argue that reporting should happen simultaneously, SC Media reported Tuesday.
For his part, Wray told lawmakers that the bill should establish a direct reporting path to the FBI. Timely cyber incident reporting could result in better investigations, incident response, ransom attack and ransom payment recovery and warning capabilities, Wray said.
The FBI director also recommended that the bill provide protections for companies from legal liabilities.
CISA Director and 2022 Wash100 winner Jen Easterly said through Twitter that her agency is willing to immediately share information with the FBI.
Director of National Intelligence and 2022 Wash100 winner Avril Haines endorsed the Senate version of the bill during the same hearing, including the reporting requirement to CISA but noted that “additional reporting that might be done more generally” may be needed.
Tags: Avril Haines Christopher Wray Cyber Incident Reporting Act cybersecurity Cybersecurity and Infrastructure Security Agency FBI Jen Easterly SC Media Senate