Top Threats

Consolidated Appropriations Act 2022 that includes the Cyber Incident Reporting for Critical Infrastructure Act of 2022

  • 1.  Consolidated Appropriations Act 2022 that includes the Cyber Incident Reporting for Critical Infrastructure Act of 2022

    Posted Mar 30, 2022 12:16:00 PM
      |   view attached
    Hi All,

    On March 15, 2022, President Biden signed the Consolidated Appropriations Act 2022 which includes the Cyber Incident Reporting for Critical Infrastructure Act of 2022 

    The Cyber Incident Reporting for Critical Infrastructure Act of 2022 establishes two cyber incident reporting requirements for defined critical infrastructure entities:
    • 24-hour requirement to report any ransomware payments to the U.S. Cybersecurity and Infrastructure Security Agency ("CISA") and
    • 72-hour requirement to report all covered cyber incidents to CISA.
    These requirements will take effect upon the issuance of implementing regulations from the Director of CISA.

    Details related to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 can be found in the document attached in DIVISION Y-CYBER INCIDENT REPORTING FOR CRITICAL INFRASTRUCTURE ACT OF 2022, pages 990 to 1011

    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------

    Attachment(s)

    pdf
    BILLS-117 HR 2471enr.pdf   2.44 MB 1 version