The U.S. Senate passed legislation that would mandate reports of cyberattacks on critical infrastructure and federal civilian agencies, Healthcare IT News reports.
Critical infrastructure sectors include healthcare and public health, along with information technology, emergency services and critical manufacturing.
Sponsored by Sen. Gary Peters, D-Michigan, the Strengthening American Cybersecurity Act combines language from three separate bills.
It would require critical infrastructure entities to report substantial cyber incidents – defined as those leading to a disruption of business operations and a loss of confidentiality – to the Cybersecurity and Infrastructure Security Agency within 72 hours, and to report ransomware payments within 24 hours. Read more.