Security Experts:

Connect with us

Hi, what are you looking for?


Management & Strategy

Cyber Incident Disclosure Bill Passes in Senate Amid Fears of Russian Attacks

A recently introduced legislative package whose goal is to strengthen the cybersecurity of critical infrastructure and government networks has passed in the Senate as the U.S. is increasingly concerned about Russian cyberattacks.

A recently introduced legislative package whose goal is to strengthen the cybersecurity of critical infrastructure and government networks has passed in the Senate as the U.S. is increasingly concerned about Russian cyberattacks.

As Russia is attempting to invade Ukraine, a war is also taking place in cyberspace and the United States and its allies are concerned that Russia could step up its cyberattacks. Threat groups linked to Moscow have mostly focused on cyberespionage when targeting the West, but they have been known to launch destructive attacks in other parts of the world.

Last month, U.S. senators Gary Peters (D-MI) and Rob Portman (R-OH) introduced a package named Strengthening American Cybersecurity Act of 2022, which combines three bills introduced in the fall of 2021, including the Cyber Incident Reporting Act.

This bill requires critical infrastructure owners and operators, as well as civilian federal agencies, to inform the Cybersecurity and Infrastructure Security Agency (CISA) of any significant cyberattack within 72 hours.

CISA would also have to be informed — by almost every organization — about any ransomware payment, within 24 hours. The cybersecurity agency would also be given additional authorities to lead incident response for federal civilian networks.

“At a time when we are facing significant threats of Russian cyberattacks against our institutions and our allies, it’s more important than ever that the government have an idea of what those threats are. I am glad the Senate has passed our bipartisan cyber incident reporting bill, and I look forward to working with my colleagues in the House to get a final version of this legislation to the president’s desk as soon as possible,” Sen. Mark Warner, chairman of the Senate Select Committee on Intelligence, said after the Senate passed the bill.

Senate Majority Leader Chuck Schumer said the bill will help protect the United States against “Putin’s attempted cyberattacks.” Schumer noted that the legislation has been around for a while, but “certain business interests opposed it” until now.

“There has been a reluctance on the part of many in the business community to want to do this, because it may expose them to other kinds of harm and maybe the public will not want to be involved in these businesses. But the importance of the reporting is vital,” Schumer said. “When our authorities in the government know of the attacks, they can prepare against future attacks: they will know who is attacking, where they’re attack, how they’re attacking, and that will allow them to strengthen our defenses against future cyberattacks.”

President Joe Biden last year signed an executive order that represents the foundation for several cybersecurity initiatives, including some that have recently come to fruition. These include a memorandum focused on boosting the cybersecurity of National Security Systems, a federal zero trust strategy, and the DHS’s Cyber Safety Review Board (CSRB).

Related: Experts Analyze Proposed Bill Allowing Private Entities to ‘Hack Back’

Related: House Passes Several Critical Infrastructure Cybersecurity Bills

Related: House Passes Two Bills to Improve Small Business Cybersecurity

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

SecurityWeek speaks with two leading CISOs in the aviation industry – Mitch Cyrus of Honda Aircraft, and Mark Ferguson of Bombardier.