United States of America: Ransomware payment reporting requirement in Cyber Incident Reporting Act
Progress
Current status
rejected
03 Jan 2023 rejected
28 Sep 2021 under deliberation
Scope
Implementers
United States of America
Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting
Government Branch
legislature
Government Body
parliament
Implementation Level
national
Timeline of events
Rejected Cyber Incident Reporting Act 2021 (S.2875) including ransomware payment reporting requirement
On 3 January 2023, the Cyber Incident Reporting Act of 2021 was rejected after failing to pass before the 117th Congress adjourned.
SourceEvent type
law
Action type
rejection
Government branch
legislature
Government body
parliament
Introduction of Cyber Incident Reporting Act 2021 including ransomware payment reporting requirement in US Senate
Draft Bill S.2875, the Cyber Incident Reporting Act 2021, has been introduced in the US Senate. The draft bill stipulates that all entities, excluding individuals and businesses with fewer than 50 employees, must report ransomware payments to the Di…
SourceEvent type
law
Action type
introduction
Government branch
legislature
Government body
parliament