As we all learned, cyberattacks on any type of organization can have serious consequences. Cyber incidents that impact computer systems and the theft of personal, financial, or other confidential information have the potential to cause long-term damage to anyone conducting personal or commercial online transactions. Businesses, consumers, and other Internet users are constantly exposed to such threats.
Companies that fell victims to cyberattacks can get help from government agencies, which are ready to investigate the incident, mitigate the impact, and help prevent future attacks. But for this to happen, they have to report it first.
Unfortunately, numerous organizations still aren’t seeking assistance from the authorities when they suffer a cyberattack, most likely because of the time and expense this action might require. Some companies may even be concerned that getting law enforcement involved will further disrupt operations as they investigate the attacks.
Companies Required to Report Cyberattacks
On March 15th, 2022, President Joe Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), establishing new rules and requirements for enterprises that are subjected to hacking attacks.
Organizations that provide critical national infrastructure in the United States are required by the new law to inform the Cybersecurity and Infrastructure