US Cyber Security Chiefs Support Mandatory Incident Reporting

The US government’s top cyber security officials have endorsed the idea of new legislation that would make private sector companies report when they have been hacked. “We absolutely agree it’s long past time to get cyber incident reporting legislation out there,” Cybersecurity and Infrastructure Security Agency chief Jen Easterly (pictured) said during a Senate Homeland Security Committee hearing.

The Director of the US cyber security enforcement agency “is a huge supporter” of bipartisan legislation to mandate that operators of critical infrastructure report data breaches to the government.

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said she backs draft legislation from the Senate Homeland Security and Governmental Affairs Committee to require certain private companies, federal agencies and government contractors to report cyber attacks to the agency.

The proposed legislation is partly in response to a surge of major cyber attacks that targeted government agencies and critical industries.

The hacks increased pressure on the Biden administration to bolster U.S. cyber defences and fuelled calls for federal legislation to require companies to share incidents with the federal government to assist in response and recovery.
The panel’s chairman, Michigan Democrat Gary Peters, told Bloomberg that he hopes to incorporate feedback from the hearing and introduce the bill in the coming weeks.

An increase in cyber attacks, particularly from ransomware, has hit the private sector particularly hard, which owns and operates 85% of critical infrastructure.

Meanwhile, similar legislation has been added to the must-pass defence authorisation measure scheduled to pass the House this week. “The earlier that CISA, the federal lead for asset response, receives information about a cyber incident, the faster we can conduct urgent analysis and share information to protect other potential victims,” Easterly said in written testimony for the committee’s hearing.

The mandatory report should include digital supply chain and ransomware attacks, Easterly said said.

  • Cyber incident reporting should be timely, Easterly said, “ideally within 24 hours of detection.” This is in contrast to a  draft bill from thee Republican party which proposes a 72-hour time frame for reporting.
  • Incident reporting should also be “broad-based and not limited to type or sector,” Easterly said, adding that CISA and the US
  • The Department of Justice should have joint authority over reviewing the reports from critical infrastructure operators as well as from federal agencies and government contractors.

Chris Inglis, the former NSA chief and newly installed US National Cyber Director, said at the hearing that cyber incident reporting would be “profoundly useful” and would be helpful in preventing future cyberattacks.

Both Easterly and Inglis said they supported fines on companies as an enforcement mechanism for not reporting cyber attacks.

Easterly, though, expressed scepticism towards the idea of using subpoenas for enforcements as proposed in the Republican bill. “My personal view is that it is not an agile enough mechanism to allow us to get the information that you need to share it as rapidly as possible to prevent other potential victims,” she said.

The Record:   Bloomberg;     Bloomberg:     Insurance Journal:      Image: CISA

You Might Also Read:

Australia Implements Mandatory Data Breach Reporting:

 

« Incident Response In The AWS Cloud
Webinar: How to build a secure access service edge (SASE) model in the AWS Cloud »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

baramundi software

baramundi software

baramundi software AG provides companies and organizations with efficient, secure, and cross-platform management of workstation environments.

Redscan Cyber Security

Redscan Cyber Security

Redscan Cyber Security is a Managed Security Services Provider (MSSP) that enables businesses to effectively manage their information security risks.

CSIS Security Group

CSIS Security Group

CSIS provide actionable threat intelligence, prevention, incident response and 24/7 managed security services.

Careers in Cyber Security (CiCS)

Careers in Cyber Security (CiCS)

CareersinCyberSecurity is a leading global job board and career resource for Cyber Security, IT Audit, Technology Risk and Data Protection professionals.

Flipside

Flipside

Information Security training provider specialized in personalized training and security awareness campaigns.

NTIC Cyber Center

NTIC Cyber Center

NTIC Cyber Center is an organization dedicated to making the National Capital Region (Washington DC) more resilient to cyber-attacks.

Private Machines

Private Machines

Private Machines develops unique patent-pending technology protects cloud and data center workloads.

Cybersecurity Center for Secure Evolvable Energy Delivery Systems (SEEDS)

Cybersecurity Center for Secure Evolvable Energy Delivery Systems (SEEDS)

SEEDS conducts research and develops innovative cybersecurity technologies, tools, and methodologies that advance the energy sector’s ability to survive cyber incidents.

Finnish Security & Intelligence Service (SUPO)

Finnish Security & Intelligence Service (SUPO)

The Finnish Security and Intelligence Service is a government agency tasked with combating serious threats to national security in Finland.

ITProTV

ITProTV

ITProTV is part of the ACI Learning family of companies providing Audit, Cyber, and IT learning solutions for enterprise and consumer markets.

Com Olho

Com Olho

Com Olho provides the measurement, analytics, quality assurance, and fraud protection technologies brands need for their business and customers.

Aceiss

Aceiss

Aceiss empowers access security, providing unprecedented visibility and insights into user access.

CAT Labs

CAT Labs

CAT Labs is building digital asset recovery and cybersecurity tools to enable governments to fight crypto crime and to protect investors from hacks, fraud and scams.

SecurEnvoy

SecurEnvoy

SecurEnvoy are a leader in designing zero access trust solutions using the latest cutting-edge technologies, to protect your users, devices and data, whatever the location.

CBIT Digital Forensics Services (CDFS)

CBIT Digital Forensics Services (CDFS)

CDFS is Australia’s premier supplier of digital forensic tools, industry-embedded training and certification to Law Enforcement, Government, and Corporate Enterprise.

Lyvoc

Lyvoc

Lyvoc is a premier cybersecurity integration partner renowned for its expertise in supporting its clients to accelerate and secure their digital transformation.