Congress and Senate have passed a new comprehensive Cyber Incident Reporting Bill that requires both Public and Private sector Infrastructure organizations to report cyber incidents to the US Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours<\/b> of discovering the incident.\u00a0 Any organization that pays Ransomware<\/b> will have 24 hours<\/b> to report to avoid both civil and potentially criminal penalties.<\/p>\n
You must act now!\u00a0 Cyberattacks are up 40% in 2022 already.\u00a0 <\/b><\/p>\n
In 2021, an attack occurred every 39 seconds.<\/b>\u00a0 <\/b><\/b><\/p>\n\n
These new laws and the hundreds of regulations to follow will be extremely beneficial in the long run to help public and private organizations detect and defend against cyberattacks but implementing the reporting tools by the Private Sector will create 100\u2019s of billions of dollars in costs for organizations throughout the US and international partners to reach compliance.\u00a0 The ability to accurately track and analyze cyberattacks will help everyone improve threat intelligence and better protect and mitigate the risk of emerging threats.<\/p>\n
72 hours is an extremely short amount of time to report for the vast majority of the organizations in any sector when you consider the current tools and the current state of Incident Response.\u00a0 The shortage of qualified employees available in the market make it impossible to investigate, report, and remediate cyber incidents.\u00a0 Third party solutions will be necessary to fill the gaps of the critical shortage of skilled employees.<\/p>\n
Compiling the huge amount of data from cyberattacks has always been more estimate than fact and CISA is uniquely qualified to assimilate and disseminate the information.\u00a0 The budget for CISA has increased from $1.8 Billion in FY2021 to $52.2 Billion in FY2022 to address the increasingly dangerous world of cyber attacks by both State Sponsored and Criminal Organizations globally.\u00a0 The statement below was given by Jen Easterly:<\/p>\n
\u201cAs the nation\u2019s cyber defense agency, CISA applauds the passage of cyber incident reporting legislation. Thanks to the support of our many partners in Congress, CISA will have the data and visibility we need to help better protect critical infrastructure and businesses across the country from the devastating effects of cyber-attacks.\u00a0<\/p>\n
\u00a0<\/p>\n
CISA will use these reports from our private sector partners to build a common understanding of how our adversaries are targeting U.S. networks and critical infrastructure. This information will fill critical information gaps and allow us to rapidly deploy resources and render assistance to victims suffering attacks, analyze incoming reporting across sectors to spot trends, and quickly share that information with network defenders to warn other potential victims. CISA is committed to working collaboratively and transparently with our industry and federal\u00a0government partners in order to enhance the security and resilience of our nation\u2019s networks and critical infrastructure.<\/p>\n
Put plainly, this legislation is a game-changer. Today marks a critical step forward in the collective cybersecurity of our nation.<\/p>\n
\u00a0<\/p>\n
We are also grateful to Congress for the unprecedented level of funding provided for CISA in the Fiscal Year 2022 Omnibus. This investment represents a recognition of the importance of our mission and the confidence of the Congress in our ability to defend our nation\u2019s networks and critical infrastructure.\u201d<\/p>\n
\u00a0<\/b><\/p>\n
You must act now!<\/b><\/p>\n
Protect your customers, your company, and your reputation today.<\/b><\/p>\n
\u00a0<\/b><\/p>\n