Bloomberg Government subscribers get the stories like this first. Act now and gain unlimited access to everything you need to know. Learn more.
Fears of Russian cyberattacks led the U.S. Senate to fast track a package of cybersecurity proposals focused on reporting hacks.
U.S. businesses are on high alert for Russian cyberattacks in retaliation to escalating sanctions imposed for invading Ukraine. The Cybersecurity and Infrastructure Security Administration (CISA) is warning organizations to prepare, although it says there are no specific threats to the U.S. right now.
The Senate passed the Strengthening American Cybersecurity Act (S. 3600), a package of three cybersecurity bills sponsored by Sen. Gary Peters (D-Mich.), on Tuesday by unanimous consent.
“Today the Senate is taking an urgently needed step to protect the American people, American critical infrastructure and American government institutions from the dangerous threat of cyber attacks,” Majority Leader Chuck Schumer (D-N.Y.) said. The “most important” provision is a requirement on businesses to report cyberattacks, Schumer said.
The legislation would require critical infrastructure owners, such as energy and health care facilities, to report substantial cyberattacks and ransomware payments to CISA.
It would also require federal agencies to report cyberattacks to CISA, and require more attacks to be reported to Congress.
The bill also would authorize the Federal Risk and Authorization Management Program cloud computing program for five years.
Sen. Rob Portman (R-Ohio), ranking member of the Senate Homeland Security and Governmental Affairs Committee, co-sponsored the bill. Peters is chair of the committee.
With assistance from Nancy Ognanovich
To contact the reporter on this story: Maria Curi at firstname.lastname@example.org