This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
| less than a minute read

Senators Propose Mandatory Reporting of Cyberattacks

Two senators floated the idea this week of a mandatory reporting requirement for cyberattacks in the US.  Both Democrats and Republicans appeared open to the idea.  Among other suggestions, Senators mentioned creating a public-private entity to handle reports, coordinating with law enforcement on attacks, and possibly liability protection for victim companies that report attacks.  

These are very preliminary ideas, not formal legislative proposals.  They were raised in the context of a hearing to investigate the hack on SolarWinds, which affected multiple federal agencies and national security entities.  There would be quite a lot of work required -- and presumably a lot of resistance among the business community -- if the US were to consider mandatory reporting legislation.  Nevertheless, this kind of proposal is an indication that Congress is paying attention to cyber issues and may be open to new approaches.    

Bipartisan leaders of a powerful U.S. Senate committee appeared open on Tuesday to revisiting national legislation that would require cyberattack victims to report the episodes to authorities, in the wake of a sprawling cyberespionage campaign stemming from an attack on software provider SolarWinds Corp.


cybersecurity, senate, congress, solarwinds, hacking, compliance, privacy and security law

Related Insights