Two US Senators have introduced a combined bill that is focused on strengthening the cybersecurity of critical infrastructure and government networks.
According to Security Week, the package – named Strengthening American Cybersecurity Act – combines the Cyber Incident Reporting Act, the Federal Information Security Modernisation Act and the Federal Secure Cloud Improvement and Jobs Act. The package was introduced by Gary Peters (D-MI) and Rob Portman (R-OH).
If the bill is signed into law, the owners and operators of critical infrastructure as well as civilian federal agencies will be mandated to inform the Cybersecurity and Infrastructure Security Agency (CISA) of any significant cyberattack within 72 hours.
In addition, CISA would also have to be informed by almost every organisation about any ransomware payment within 24 hours. The agency would also be given additional authorities to lead incident response to federal civilian networks.
The bill will aim to update current laws to bolster cybersecurity coordination between agencies as well as to update the threshold for agencies to report cyber incidents to Congress.
The bill will also look to focus on the adoption of cloud technologies by the government to improve operations and efficiency.