4 Senators File Cyber Reporting Amendment for NDAA
A bipartisan group of senators introduced an amendment to the National Defense Authorization Act Friday that would require critical infrastructure operators to report major cyber incidents to the federal government. Senate Homeland Security Committee Chairman Gary Peters, D-Mich., and ranking member Rob Portman, R-Ohio, introduced the amendment with Senate Intelligence Committee Chairman Mark Warner, D-Va., and Sen. Susan Collins, R-Maine, as expected (see 2110060077). Companies and federal agencies would have to report to the Cybersecurity and Infrastructure Security Agency within 72 hours of an incident, and most entities would have to report ransomware payments. The amendment is based on legislation passed by the Senate Homeland Security Committee.