On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022. This follows increased reporting of cyber threats facing critical infrastructure sectors, particularly the energy sector. The regulations implementing the reporting requirements may be several years away, but overlap with other new reporting requirements such as the recently proposed U.S. Securities and Exchange Commission rules.

Given the heightened threat environment and forthcoming reporting requirements, companies may want to understand the new rules and evaluate their cybersecurity posture.

Read More