United States of America: Introduction of Stop and Sanction Ransomware Act of 2021 including reporting requirement

The Stop and Sanction Ransomware Act of 2021 has been introduced in the US Senate on 5 August 2021. The draft bill provides for a reporting requirement of federal agencies and other specified entities, including federal contractors, critical infrastructure providers and cybersecurity critical response services, on the discovery of ransomware operations. The entities subject to the requirement must submit a report to the Cybersecurity and Infrastructure Security Agency's ransomware reporting system within 24 hours of the discovery of an incident.