Senate Approves Bill Seeking to Protect US Information, Enhance Cybersecurity
The bill combines the Cyber Incident Reporting Act, the Federal Information Security Modernization Act of 2021 and the Federal Secure Cloud Improvement and Jobs Act. It includes measures to modernize the federal government’s cybersecurity posture, ZDNet reported Thursday.
Under the proposed law, critical infrastructure organizations will be required to report cyberattacks and ransom payments. They would be given up to 72 hours to report attacks and 24 hours to report payments made to hackers.
The approval comes in the wake of Russia’s invasion of Ukraine and amid warnings from cybersecurity agencies about potential Russian cyberattacks on U.S. systems. According to Peters, the bill would ensure that the U.S. can respond to cybercriminals and adversaries who decide to attack the country’s cyber networks.
He added that the bill would require the Cybersecurity and Infrastructure Security Agency to support critical infrastructure operators and federal civilian agencies in responding to and recovering from cyberattacks.
The proposed legislation would also authorize the Federal Risk and Authorization Management Program to ensure that agencies can quickly adopt cloud-based technologies. It also has provisions to streamline cybersecurity laws to improve coordination between federal agencies and require civilian agencies to report cyberattacks to CISA.
The bill also updates the threshold for agencies’ cyber incident reporting to Congress.
Tags: cybersecurity Cybersecurity and Infrastructure Security Agency FedRAMP FISMA Gary Peters legislation Rob Portman Senate Strengthening American Cybersecurity Act ZDNet