United States of America: Introduction of Cyber Incident Reporting Act 2021 including ransomware payment reporting requirement in US Senate

Introduction of Cyber Incident Reporting Act 2021 including ransomware payment reporting requirement in US Senate

Draft Bill S.2875, the Cyber Incident Reporting Act 2021, has been introduced in the US Senate. The draft bill stipulates that all entities, excluding individuals and businesses with fewer than 50 employees, must report ransomware payments to the Director of the Cybersecurity and Infrastructure Security Agency within within 24 hours of payment.

Original source

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

cross-cutting

Implementation Level

national

Government Branch

legislature

Government Body

parliament

Complete timeline of this policy change

Hide details

2021-09-28

under deliberation

Draft Bill S.2875, the Cyber Incident Reporting Act 2021, has been introduced in the US Senate. The…

2023-01-03

rejected

On 3 January 2023, the Cyber Incident Reporting Act of 2021 was rejected after failing to pass befo…

Description

Introduction of Cyber Incident Reporting Act 2021 including ransomware payment reporting requirement in US Senate

Scope

Complete timeline of this policy change