• Skip to main content
  • Skip to footer

Commonwealth Sentinel

Kentucky Cyber Security

MENUMENU
  • Home
  • About
    • About: Sheri Donahue
    • About: Leo Haggerty
    • Career Opportunities
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Contact Us
You are here: Home / Blog / Strengthening American Cybersecurity Act Signed into Law

Terry Davis / March 18, 2022

Strengthening American Cybersecurity Act Signed into Law

This week, President Biden signed the Strengthening American Cybersecurity Act. It sounds like a great idea to “strengthen American cyber security”. But how exactly are we going to do that?
The quickest and easiest way to improve cyber security across the country is through information sharing for trend analysis, threat alerts, protection measures, etc.
The new law requires that critical infrastructure owners and operators must report a cyber breach within 72 hours to DHS, specifically to the Cybersecurity and Infrastructure Security Agency (CISA). Additionally, if the breach results in the payment of ransom in a ransomware attack, the reporting must be made within 24 hours.
One very important provision of the law is that it grants CISA subpoena power if an organization does not report a cyber incident or ransomware payment.
“What exactly is considered a critical infrastructure?”, you may ask. Just about anything you can think of. The 16 critical infrastructure sectors as defined by DHS are:

  • Chemical
  • Commercial Facilities
  • Communications
  • Critical Manufacturing
  • Dams
  • Defense Industrial Base
  • Emergency Services
  • Energy
  • Financial Services
  • Food and Agriculture
  • Government Facilities
  • Healthcare & Public Health
  • Information Technology
  • Nuclear Reactors, Materials & Waste
  • Transportation Systems
  • Waste & Wastewater Systems
    See what I mean? Hard to really imagine anything that’s not critical infrastructure.
    So, once again, how will this law which requires reporting cyber incidents improve cyber security? It allows for a whole-of-government approach to protecting, detecting, responding, and recovering from cyber attacks. The quicker a threat is detected, the quicker it can be stopped or mitigated. This is not intended to be a one-way street in which the information is shared with the government and appears to go into a black hole. It is part of the government’s process of evaluating threats and providing guidance to the owners and operators of the critical infrastructure in order to best protect us all.
    Although the law has been signed, it will take up to two years for it to be implemented. However, given the recent cyber attacks and the elevated threat of cyber attacks as a result of the Russian invasion of Ukraine, it may be sooner.
    CYBER NEWS
    Cyber insurance policies may be put to the test by Russian attacks, credit ratings firm warns
    Cyber insurance policies may be put to the test by Russian attacks, credit ratings firm warns
    The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground.
    therecord.media • Share
    Ukraine Secret Service Arrests Hacker Helping Russian Invaders
    Ukraine Secret Service Arrests Hacker Helping Russian Invaders
    Ukrainian Secret Service has arrested a hacker who was helping Russian invading forces.
    thehackernews.com • Share
    How to plan for increased security risks resulting from the Great Resignation
    How to plan for increased security risks resulting from the Great Resignation
    IT and security staff are resigning, feeling increased stress from managing more remote employees, and a rapid transition to the cloud.
    www.helpnetsecurity.com • Share
    How fast can organizations respond to a cybersecurity crisis?
    How fast can organizations respond to a cybersecurity crisis?
    Immersive Labs launched an analysis of human cyber capabilities, analyzing cyber knowledge, skills and judgment.
    www.helpnetsecurity.com • Share
    TIP OF THE WEEK
    Password Managers: With so many passwords to keep track of (you better not be using the same password for more than one account), it can be difficult to keep track of them all. Especially when you are required to change them periodically.
    Here are some features to look at when considering which password manager to use.
  • Ability to set the length and characters for the password generator function
  • Auto-capture forms when you fill them in
  • Organization of passwords
  • Access to multi-factor authentication
  • Strength scoring for your passwords
  • Alerts when your password has been leaked on the dark web
  • Auto-fill
  • Good customer interface and easy to use
    VOCABULARY WORD
    Password Manager: An application used to encrypt and store passwords for accounts in one place so the user only has to remember the password to the manager.
    CYBER HUMOR

Filed Under: Blog

Footer

CONTACT US

Address:
Commonwealth Sentinel Cyber Security
1230 Us Highway 127 S Suite 5 Frankfort KY 40601
Phone:
(502) 320-9885

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2023 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT