U.S. Senate passes cybersecurity bill amid warnings of Russian cyberattacks

The U.S. Senate has passed the Strengthening American Cybersecurity Act of 2022, which will require federal agencies and organizations in the critical infrastructure sector to report cyberattacks within 72 hours. Organizations will also be required to report ransom demands and payments.

The Senate passed the cybersecurity act amid warnings from the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) about the potential for Russian cyberattacks targeting U.S. organizations.

The bill aims to bolster the cybersecurity posture of the federal government, as well as the cyber incident reporting practices of the critical infrastructure sector.

The cybersecurity act presents two challenges to critical infrastructure organizations, according to Jim McKenney, Practice Director, Industrials and Operational Technologies at NCC Group.

“The first challenge — resource constraints in people, time and funding — can be addressed by running cyber incident response tabletop exercises with partners who specialize in operational environments to “right-size” the response plan with the necessary tools, processes and people," said McKenney.

A lack of instrumentation in critical infrastructure environments also presents a challenge, according to McKenney. "A bank can rather easily invest in a centralized intrusion detection system within a data center, but critical infrastructure operator facilities such as compressing stations, water towers and substations, which are distributed across a great deal of geography, will have space, power, communications and network infrastructure limitations. Because of this, operating environments require significantly more time, effort and expertise to obtain a comparable level of capabilities that a bank would enjoy.”

Madeline Lauver is the Editor in Chief of Security magazine. Lauver joined Security in 2021 as its Assistant Editor, and she covers news affecting enterprise security leaders, including physical security, cybersecurity, leadership and management, risk and resilience and more. Within her role at Security, Lauver focuses on news articles, web exclusives, features and several departments for Security’s monthly digital edition, as well as managing social media and multimedia content. Lauver graduated in 2019 with a B.A. in English, German and Media Studies from Kalamazoo College.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.

U.S. Senate passes cybersecurity bill amid warnings of Russian cyberattacks

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

U.S. Senate passes cybersecurity bill amid warnings of Russian cyberattacks

Share This Story

Related Articles

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.