A person at a computer carrying out a cyber attack in the dark.

Shutterstock (Licensed)

New bill wants to make sure major cyberattacks are reported right away

The bill would require notifications within 24 hours.


Andrew Wyrich


Posted on Jul 21, 2021   Updated on Aug 4, 2021, 3:16 pm CDT

A group of senators introduced a bill on Wednesday that would require certain companies to report cybersecurity incidents.

The bill, the “Cyber Incident Notification Act,” comes amid a series of high-profile cyberattacks in recent months like the Colonial Pipeline ransomware incident and SolarWinds cyberattack, which impacted government agencies.

Under the bill, federal contractors and infrastructure groups would be required to report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours, according to a copy of the legislation published by NextGov. They would need to update the agency no later than 72 hours after receiving new information. The notifications to CISA would not be subject to the Freedom of Information Act and may not be admitted as evidence in any civil or criminal action, the bill says.

The bill also would require Homeland Security to give Congress an annual report that summarizes the reported cybersecurity incidents.

The Senate Intelligence Committee Chairman Sen. Mark Warner (D-Va.), Vice Chairman Sen. Marco Rubio (R-Fla.), and committee member Sen. Susan Collins (R-Maine) are the main sponsors of the bill, but several other lawmakers have also backed it.

“It seems like every day Americans wake up to the news of another ransomware attack or cyber intrusion. The SolarWinds breach demonstrated how broad the ripple effects of these attacks can be, affecting hundreds or even thousands of entities connected to the initial target,” Warner said in a statement, according to the Hill. “We shouldn’t be relying on voluntary reporting to protect our critical infrastructure. We need a routine federal standard so that when vital sectors of our economy are affected by a breach, the full resources of the federal government can be mobilized to respond to and stave off its impact.”

Read more of the Daily Dot’s tech and politics coverage

Nevada’s GOP secretary of state candidate follows QAnon, neo-Nazi accounts on Gab, Telegram
Court filing in Bored Apes lawsuit revives claims founders built NFT empire on Nazi ideology
EXCLUSIVE: ‘Say hi to the Donald for us’: Florida police briefed armed right-wing group before they went to Jan. 6 protest
Inside the Proud Boys’ ties to ghost gun sales
‘Judas’: Gab users are furious its founder handed over data to the FBI without a subpoena
EXCLUSIVE: Anti-vax dating site that let people advertise ‘mRNA FREE’ semen left all its user data exposed
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.
Share this article
*First Published: Jul 21, 2021, 10:06 am CDT