Hacked critical infrastructure operators will be required to send the federal government detailed reports describing network security breaches and ransom payments within a short time frame under rules proposed by the US Cybersecurity and Infrastructure Security Agency.
Breach reports would describe the type and duration of a cyberattack, what data or systems it disrupted, and the amount of any ransom paid to resolve the hack, according to the 447-page advance notice of proposed rulemaking scheduled to be published in the Federal Register on April 4. Reports on payments would be due to CISA within 24 hours of the transaction, while ...
Learn more about Bloomberg Law or Log In to keep reading:
Learn About Bloomberg Law
AI-powered legal analytics, workflow tools and premium legal & business news.
Already a subscriber?
Log in to keep reading or access research tools.