United States Senate has passed on a new resolution if/when approved will make it mandatory for owners of critical infrastructures to report cyber attacks within a time frame of 72 hours.
A cyber incident bill dubbed as Defense Authorization Bill was put forward by the leaders of Senate Homeland Security and Governmental Affairs Committee and is waiting for a nod from the senior members of the senate.
After the cyber incident notification act was proposed, the Cyber Incident Review Office belonging to CISA was asked to review and submit a report by next month’s end. And based on the analysis, the Senate will take a tactical decision that will make organizations with over 50 employees, not-for-profit organizations, and government agencies report a cyber incident within 3 days.
Interestingly, US Senate will also implement the same law for those companies that are affected by ransomware and will apparently force them to consider data recovery tactics rather than paying the attackers.
Similarly, Australia’s Federal Parliament’s Security and Intelligence Committee has also urged the government to take a quick decision on the Cybersecurity Executive Order 2021 that allows Australian Signals Directorate equip with special powers to defend the critical infrastructure against cyber attacks.
For your information, from the past two years, the government of Australia has added new industries into the list of Critical Infrastructure and so it now includes grocery sector, agriculture produce, universities, finance, banking, health, food & communication besides energy, defense, and transport sector.
Note– The Australian Council of Trade Unions has objectified the proposal as it envisions the new act as a privacy invasion bill for people across the economy