Negotiators scrapped cybersecurity provision in annual defense spending bill. The measure would have required owners and operators of critical infrastructure to report cybersecurity incidents and ransom payments made to criminal gangs. It was removed from the package at the eleventh hour as lawmakers sought a compromise on requirements for private organizations. Cybersecurity leaders have previously estimated that only about one-quarter of all cyber incidents get reported to the U.S. government. Some cybersecurity experts express the need to get these requirements codified into law.”]

