New US Cybersecurity Laws – Everything You Should Know - Talion

The threat of potential cyber attacks against critical infrastructure within the US is on the rise.

There are warnings of Russia engaging in malicious cyber activity as a result of the economic sanctions imposed by America on their country.

It’s more important than ever that organizations take action in alignment with these new legislations to strengthen their defences and promote awareness around ransomware amongst peers.


What is the new cybersecurity legislation in the US?

As of March 1st, the United States Senate passed the Strengthening American Cybersecurity Act of 2022 – a new legal requirement for critical infrastructure companies to report cyber incidents and ransom payments to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).

Cyber incidents must be disclosed within 72 hours of occurrence, and ransom payments reported within 24 hours of payment. Any suspicion of non-compliance may follow with the threat of referral to the US Department of Justice.


What companies will be covered?

The Act has laid out a definition of “covered entities” as based on the following:

(A) the consequences that disruption to or compromise of such an entity could cause to national security, economic security, or public health and safety.

(B) the likelihood that such an entity may be targeted by a malicious cyber actor, including a foreign country.

(C) the extent to which damage, disruption, or unauthorized access to such an entity, including the accessing of sensitive cybersecurity vulnerability information or penetration testing tools or techniques, will likely enable the disruption of the reliable operation of critical infrastructure.

This includes sectors ranging from chemical, emergency services and energy, to food and agriculture, information technology and transportation systems.



What types of ransom payments are covered?

The Act allows for ransomware reporting beyond the traditional attacks; it includes the use, or threatened use, of unauthorized malicious code, denial of service attacks, and any other mechanism designed to disrupt the operations of an entity’s information system. Any payment that is made to avoid loss of confidentiality, availability or integrity of data (whether actual or threatened) is feasible.

What should the ransom report include?

When reporting a ransom payment, it must include the following:

  • A description of the attack, including estimated date range of the attack
  • A description of the vulnerabilities, tactics, techniques, and procedures used to perpetrate the ransomware attack
  • Any identifying or contact information related to each actor reasonably believed to be responsible for the ransomware attack
  • The name and other information that clearly identifies the covered entity that made the ransom payment or on whose behalf the payment was made
  • Contact information for the covered entity or an authorized agent of the entity
  • The date of the ransom payment
  • The ransom payment demand, including the type of virtual currency or other commodity requested
  • The ransom payment instructions
  • The amount of the ransom payment


For more information regarding general cyber incidents, alongside ransomware, see here.


CISA’s Shields Up Campaign

CISA are warning organizations, both large and small, to prepare themselves to respond to disruptive cyber incidents, thus protecting both the critical infrastructure of the US whilst avoiding the necessity to report to the government.

With the launch of their Shields Up Campaign, CISA have shared free cybersecurity services and tools to assist organizations who may find it challenging to identify what they need for urgent security improvements.

You can access these free resources here.


The American influence on the UK

In light of the new US cybersecurity laws, it seems the UK are following suit; America’s stand to fight against cybercrime and ransomware attacks is encouraging more countries to take action too.

The UK Government currently have an open consultation on its proposal to reform the existing UK cybersecurity legislation, with a National Cyber Strategy 2022 Policy Paper available for viewing.

The proposal consists of 3 pillars:

  • broadening the scope of existing UK Cyber security framework
  • modernizing the NIS Regulations
  • introducing standards for cyber security professionals


The reform is still in its early days, but it is promising to see that the US are not alone in their drive to improve the process of reporting and recovering from cyber-incidents.


#RansomAware banner


Whilst reporting cyber incidents and ransom payments is now becoming a legal requirement in the US, there is a greater incentive for organizations to share their experiences and encourage others to do the same. By doing so, we can remind others to report disruptive attacks where necessary and support the government in setting out future measures to reduce the impact.

Our #RansomAware LinkedIn group is an opportunity to get involved if you’re interested – share relevant articles, express your opinion, and get updates on what’s topical in the ransomware space.

We hope to see you there.

Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
24x7x365 UK-based Security Operations Centre
Service underpinned by market leading threat intelligence team
Continually developed threat relevant content, backed by SLAs
MDR service has featured in the Gartner Magic Quadrant for 6 consecutive years
Experts in SIEM and SOAR technology
UK-based Senior Leadership
Looking to maximise value and flexibility?
Learn how Talion and DEVO partner to achieve this.
Discuss your cyber security needs
Contact us below and one of our team will be in touch to answer your questions.

Call us on 0800 048 5775

Call us directly and we’ll put you in touch with the most relevant cyber expert.

Get In Touch With Us

Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.

CISO Cyber Dinner – Register Your Interest!

Thought-provoking cyber security discussion at Michelin-star restaurants across the UK.