According to new guidelines enacted by the Congress, companies essential to the United States’ national interests will now be required to notify when they are attacked or pay ransomware.
The rules are part of a larger push by the Biden administration and Congress to strengthen the nation’s cyberdefenses in the aftermath of a series of high-profile digital espionage efforts and disruptive ransomware assaults. The reports will provide the federal government with significantly more visibility into hacking attempts against private corporations, which frequently avoid contacting the FBI or other law enforcement organisations for assistance.
Additionally, the new laws authorise CISA to issue subpoenas to businesses that fail to report attacks or ransomware payments, and those that do not cooperate with a subpoena may be forwarded to the Justice Department for investigation.
Read More: Securityweek