US Critical Infrastructure Companies Will Have to Report When They Are Hacked

March 15, 2022

Read Time:34 Second

Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress.

[…]

The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President Joe Biden soon. It requires any entity that’s considered part of the nation’s critical infrastructure, which includes the finance, transportation and energy sectors, to report any “substantial cyber incident” to the government within three days and any ransomware payment made within 24 hours.

Even better would be if they had to report it to the public.

Windscribe Acquitted on Charges of Not Collecting Users’ Data

Uyghur Diaspora Group Targeted with Remote Surveillance Malware

Half of Mobile Devices Run Outdated Operating Systems

Researchers Note 16.7% Increase in Automated Scanning Activity

2025 Cyber Resilience Research Discovers Speed of AI Advancing Emerging Attack Types

ISACA Highlights Critical Lack of Quantum Threat Mitigation Strategies

FBI Asks for Help Tracking Chinese Salt Typhoon Actors

Government Set to Ban SIM Farms in European First

Friday Squid Blogging: Squid Facts on Your Phone