The New Cyber Incident Reporting Law - Implications and Issues to be aware of

Presented by

Grant Asplund, Growth Technologies Evangelist Pete Nicoletti, Field CISO of the Americas

About this talk

U.S. Congress recently signed the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) into law. This law brings increased visibility to the scope and severity of ransomware attacks and payments. CIRCIA imposes reporting requirements on “covered entities” in the event of a ransomware payment. Covered entities are defined in the Presidential Policy Directive 21, referring to 16 critical infrastructure industries. If a covered entity makes a ransom payment after suffering a ransomware attack, the entity must report the payment to CISA in under 24 hours after the payment is made. Such knowledge allows CISA to inform the public of large scale cyber attacks in an effort to prevent potentially imminent cyber attacks. This law is consistent with the government’s views against paying the ransom because of concerns that it will further incentivize threat actors. We’ll discuss all of the implications for business during this session
Related topics:

More from this channel

Upcoming talks (9)
On-demand talks (351)
Subscribers (53656)
Check Point Software Technologies Ltd. ( is a leading AI-powered, cloud-delivered cyber security platform provider protecting over 100,000 organizations worldwide. Check Point leverages the power of AI everywhere to enhance cyber security efficiency and accuracy through its Infinity Platform, with industry-leading catch rates enabling proactive threat anticipation and smarter, faster response times. The comprehensive platform includes cloud-delivered technologies consisting of Check Point Harmony to secure the workspace, Check Point CloudGuard to secure the cloud, Check Point Quantum to secure the network, and Check Point Infinity Core Services for collaborative security operations and services.