Cybersecurity companies speak out on bipartisan bill

The US Senate has introduced a bipartisan bill that requires critical infrastructure operators to report cyberattacks within 72 hours.

The US Senate has just introduced a bipartisan bill that requires critical infrastructure operators, such as banks and energy companies, to report cyberattacks within 72 hours. Other organisations such as state and local governments and businesses with more than 50 employees will also be required to report any ransoms paid following an attack to the federal government within 24 hours of payment.

The Senate bill comes after the House of Representatives passed a similar measure in the fiscal 2022 National Defense Authorisation Act (H.R. 4350) on September 23. The House bill, however, does not require ransomware payments to be reported.

Cybersecurity companies Exabeam, Egnyte and Glasswall have spoken out on the bill.

Tyler Farrar, CISO at Exabeam, says: "Critical national infrastructure (CNI) is at the top of the target list for adversaries, given the impact if successful, even in part.

"The need to understand and baseline normal critical asset/system posture is absolutely key in protecting critical infrastructure to prevent a breach from even occurring in the first place. Regardless of whether systems in operational technology (OT) environments are air-gapped or not, if there's a digital route to the system, then it's at risk. We've got to ensure we're monitoring OT systems far more diligently by capturing all viable log data in terms of access control, system settings and maintenance. Any abnormality, regardless of how small, should be investigated, triaged and managed accordingly. Relying on users alone for the protection of our CNI systems does not (and will not) scale.

"Working smarter with automation technologies in managing large volumes of data streams, analysing them for anomalies and reporting risk and attacks in real time, is the only way forward for CNI protection. This, in partnership with continued user education in being diligent and applying critical thinking analysis to system activity reports, is critical."

Neil Jones, cybersecurity evangelist at Egnyte, adds: "With the escalating volume of ransomware attacks and ballooning ransom payments, it's clear that current approaches to addressing ransomware just aren't working. So, I'm excited to see bipartisan support for this proposed measure that will require financial institutions and critical infrastructure operators to promptly report cybersecurity incidents and ransomware payments to the federal government.

"It is especially reassuring to see a CCPA or GDPR-style incident reporting timeframe of 72 hours, so that organisations in those industries will no longer be able to delay reporting of potential data breaches for months and months, without informing the government. Finally, I'm reassured to see that organisations in industries that haven't traditionally invested significantly in IT security, such as non-profit organisations, small- and medium-sized businesses (SMBs) and local governments, will be required to report potential ransomware payments."

Danny Lopez, CEO at Glasswall, concludes: "The Senate bill to mandate reporting cybersecurity incidents and ransomware payments is a crucial step in combating the wave of major cyberattacks we have seen in the last two years. While the US government appears to have decided against making ransomware payments illegal, this disclosure structure should still play an important role in encouraging organisations to be proactive rather than reactive in regards to cybersecurity.

"This latest policy move, plus the administration's earlier executive orders (EOs) on the subject, show that federal cyber leaders are pushing for a more secure future for the US. Previous EOs have emphasised the importance of stronger multi-factor authentication and encryption, which we applaud. These are critical elements in an effective cybersecurity stack, but an overarching zero trust approach will take businesses', government agencies' and critical infrastructure organisations' proactive protection to the next level.

"Zero trust security sees the world differently. No one is trusted by default, regardless of whether they are inside or outside a network. Without a zero trust approach organisations run the risk of attackers having free rein across a network once they are inside. If more security teams turn to this approach, fewer attacks and payments will need to be reported."
