On March 15, 2022, the Cybersecurity Incident Reporting for Critical Infrastructures Act of 2022 was signed into law.
It necessitates that organizations must announce notable cyber incidents, and the act provides protections that encourage businesses to report cyber incidents. The new act mandates transparency of cybersecurity practices, whereas sharing the details of these practices was previously discretionary. The new act also standardizes information sharing.
