Bipartisan bill would require 24-hour Ransom Notice, 72-Hour Incident Report within 72 hours of discovery. The Cyber Incident Reporting Act would also establish a Cyber Incident Review Office at CISA. The new body would have subpoena power over groups that fail to report – which could lead to inquiries from the Department of Justice. The bill responds to a string of cyberattacks that have crippled networks over the past year, including the Colonial Pipeline ransomware attack that forced the company to shut down over 5,500 miles of pipeline.”]
Source: https://www.govinfosecurity.com/new-legislation-eyes-both-ransom-incident-reporting-a-17650