Infrastructure security strengthened with cybersecurity bill passed by U.S. senate
Victoria Rees
Share this content
The ‘Strengthening American Cybersecurity Act’ has been unanimously passed by the U.S. senate in a bid to improve cybersecurity for owners of critical infrastructure.
The legislation is designed to alert the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to any cyber incidents within 72 hours of them occurring. Also, agencies will be alerted within 24 hours of any ransomware payments.
Organisations are required to keep any relevant information and share updates to a previously submitted covered cyber incident report if substantial new or different data becomes available or if the covered entity makes a ransom payment after submitting a covered cyber incident report.
The Strengthening American Cybersecurity Act of 2022 combines three different bills: the Cyber Incident Reporting Act (CIRA), the Federal Information Security Management Act (FISMA) and the Federal Secure Cloud Improvement and Jobs Act (FSCIJA).
While FISMA incorporates more effective cybersecurity practices, FSCIJA aims to accelerate the deployment of cloud computing products and services and drive stronger adoption of secure cloud capabilities, create jobs and reduce dependency on legacy information technology.
The legislation, now that it has been approved by the Senate, needs to be passed by the House before it’s officially signed into law.
“As cyber and ransomware attacks continue to increase, the federal government must be able to quickly coordinate a response and hold these bad actors accountable,” said U.S. Senator Rob Portman in September 2021.
“This bipartisan bill will give broad visibility into the cyber-attacks taking place across our nation on a daily basis to enable a whole-of-government response, mitigation and warning to critical infrastructure and others of ongoing and imminent attacks,” he concluded.