Last night, a few hours before the State of the Union address, congress passed a cybersecurity bill…finally! Some of the details, summarized from the article
* Businesses in certain sectors (e.g. financial, transportation, energy to name a few) MUST alert the government when hacked or when they pay ransomware
* Updates to rules how government agencies manage information security
* Changes to how the government assesses and manages the security the the cloud systems in use
CISA should get much more information and insight into the number and type of attacks U.S. companies are being subjected to on a daily basis and be able to share it with concerned entities in a more timely fashion.
Details at https://www.washingtonpost.com/politics/2022/03/02/senate-is-finally-passing-big-cyber-bills/ if you’re interested in more details.