The Cyber Incident Reporting for Critical Infrastructure Act is Here. Now What?
President Biden signs the Cyber Incident Reporting for Critical Infrastructure Act into law. The Act’s goal is to harden defenses of U.S. infrastructure from cyber attacks.
According to JD Supra, the Act requires that covered “critical infrastructure companies” must deliver a report within 72 hours of certain cyber incidents to the National Cybersecurity and Infrastructure Security Agency (CISA)…CISA, in turn, will “receive, aggregate, analyze, and secure” these reports in order “to assess the effectiveness of security controls, identify tactics, techniques, and procedures adversaries use to overcome those controls.”