• How We Help
    • Types of Insurance
    • Workers’ Compensation
    • Cyber Insurance
    • Business Insurance
    • Term Life Insurance
    • Employee Benefits
    • Curated Compliance
  • Policy Holder Services
    • Certificate of Insurance Request
    • File A Claim
    • Background Checks & Drug Testing
  • Current Partners
    • Benefits Carriers
    • Become A Partner
  • Education
    • Safety & Loss Control
    • Business Insights
  • About Us
    • About E-COMP
    • About CoverEase
    • Press Releases
  • Types of Insurance
  • Workers’ Compensation
  • Cyber Insurance
  • Business Insurance
  • Term Life Insurance
  • Employee Benefits
  • Curated Compliance
  • Certificate of Insurance Request
  • File A Claim
  • Background Checks & Drug Testing
  • Benefits Carriers
  • Become A Partner
  • Safety & Loss Control
  • Business Insights
  • About E-COMP
  • About CoverEase
  • Press Releases
  • Get My Quotes
  • Log In
  • Pay Premium
Granite logo
  • How We Help
    • Types of Insurance
    • Workers’ Compensation
    • Cyber Insurance
    • Business Insurance
    • Term Life Insurance
    • Employee Benefits
    • Curated Compliance
  • Policy Holder Services
    • Certificate of Insurance Request
    • File A Claim
    • Background Checks & Drug Testing
  • Current Partners
    • Benefits Carriers
    • Become A Partner
  • Education
    • Safety & Loss Control
    • Business Insights
  • About Us
    • About E-COMP
    • About CoverEase
    • Press Releases
  • Get My Quotes
  • Log In
  • Pay Premium
Congress Adopts New Cybersecurity Reporting Requirements

Congress Adopts New Cybersecurity Reporting Requirements

On March 1, 2022, Congress passed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the Act), which requires covered entities to report certain cyber incidents. The Act requires covered entities that experience a covered cyber incident to report the incident to the Cybersecurity and Infrastructure Security Agency (CISA) no later than 72 hours after the covered entity reasonably believes that the covered cyber incident has occurred.

These requirements are meant to provide greater cybersecurity visibility for the federal government. The requirements will go into effect once the rule is published in the Federal Register, after going through the formal rulemaking process.

Act Overview

An entity will be covered by and required to report under this Act if it is in a critical infrastructure section. An infrastructure system or asset is critical if it is vital to the United States that its incapacity or destruction would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.

In addition, a covered entity that makes a ransom payment as the result of a ransomware attack against must report the payment to the CISA no later than 24 hours after the ransom payment has been made. This requirement applies even if the ransomware attack is not a covered cyber incident subject to the 72-hour reporting requirement.

The Act requirements do not apply to covered entities or their functions if the CISA determines they constitute critical infrastructure owned, operated or governed by multi-stakeholder organizations.

Next Steps

Covered entities should review the Act’s requirements and continue to monitor the Federal Register for an update on the Act’s effective date.

 

This Legal Update is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel for legal advice. ©2022 All rights reserved.

RECENT posts

Webinar: Guidance on managing COVID Workers’ Compensation Claims

Webinar: Guidance on managing COVID Workers’ Compensation Claims

Tips On How to Get Back to Business with COVID-19 Challenges

Tips On How to Get Back to Business with COVID-19 Challenges

Webinar: 2021 Cal OSHA COVID 19 Prevention Standards

Webinar: 2021 Cal OSHA COVID 19 Prevention Standards

information

  • Contact Us
  • Careers
  • Business Insights
  • Philanthropy
  • Terms of Use
  • Our Commitment to Accessibility
  • Privacy and Security Policies
  • Compensation Disclosure Notice

Helpful Links

  • Pay Premium
  • Channel Partner Login
  • Help & Service Center
  • Certificate of Insurance Request
  • Report A Claim

SOCIAL MEDIA

  • Connect with Twitter

  • Connect with Facebook

  • Connect with Instagram

  • Connect with Linkedin

Need Live Expertise? Call:  888-347-2648 or email us:  info@graniteins.com
Copyright © 2024 Granite Insurance Brokers, Inc. | License #0C41366

Insurance services provided by Granite Insurance Brokers and its licensed agents and affiliates. The information contained within these materials are confidential and not to be distributed. Descriptions are general in nature only. Please refer to the terms and conditions of policies offered or purchased. Insurance products are subject to application and underwriting requirements. Pricing depends on a variety of factors including policyholder location. Not all discounts available in all states. Not all products available in all states. Use of and access to this information, site or any of the links contained within this site does not create a relationship between the user and Granite. © 2022 Granite Insurance Brokers, Inc. All Rights Reserved.