Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Critical U.S. Infrastructure Entities Must Report “Substantial Cyber Incidents” Within 72 Hours

March 3, 2022

The Washington Post reported (thanks for the gift article WAPO) on March 2 that that the Senate passed on March 1 the most significant cyber legislation in history, mandating that companies in critical sectors must alert the government when they are hacked or when they pay ransoms to hackers.

Critical infrastructure industries include energy, transportation, financial services, health care and a number of other fields.

Basically, the impacted entities must report any “substantial cyber incident” within 72 hours.

Rising concern about Russian cyberattacks no doubt were a concern this year – the bill narrowly failed last year. The bill also contains a measure updating the 20-year-old rules about how government agencies manage their information security.

Additionally, it includes a measure updating how the government assesses and manages the cybersecurity of cloud providers that federal agencies use.

The prospects for the bill passing in the House seem very good. At long last . . .

Sharon D. Nelson, Esq., PresidentSensei Enterprises, Inc.
3975 University Drive, Suite 225Fairfax, VA 22030
Email:   Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson