President Biden recently signed a brand new bill for reporting cyber incidents for our critical infrastructure.
The Consolidated Appropriations Act of 2022 was passed by our Congress on the 14th of March. It was then signed into law by President Biden on March 15, 2022.
Within this Act, there is a section that deals specifically with cyber security. Section Y in this new omnibus bill is entitled The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“the Act”).
So how does this affect you?
Philadelphia’s IT security gurus at Proper Sky explain this Act further, and give concrete steps that can be taken to make a big difference in your own security.
This Act is significant for many reasons, for both our cyber security and for other protections.
You may be hearing people discuss Section Y and be wondering, what is this?
In “Section Y” of the Cyber Incident Reporting for Critical Infrastructure Act, the bill mandates that critical infrastructure entities must quickly report particular cyber incidents and any ransomware payments to the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (Agency).
Critical infrastructure entities include the vast network of:
We cannot afford a cyber attack on these networks. Our country’s transportation, financial and commerce sectors, clean water supplies, much-needed electricity, and more all rely on network systems working in tip-top order.
If there should ever happen to be a cyber attack or incident of some kind, this Act has new reporting requirements. It requires that companies report all cyberattacks immediately.
Reports from these critical infrastructure entities must follow these guidelines:
Reporting must happen before completing a thorough investigation. Legal counsel and security teams may need to work more closely together for proper reporting and investigating.
All data pertaining to any cyber incidents, including any DOD cybersecurity policy actions, must be preserved until the case is resolved. The Act includes liability protection and confidentiality.
Within two years, a Notice of Proposed Rulemaking (NPRM) will be issued to propose the final rules that put these new requirements of the Cyber Incident Reporting Act into place.
It has never been more important to protect your data, your company’s assets, and your employers from vicious cyber attacks.
There are steps you can take as an individual to keep safe from the external threats of phishers, and more.
If you are a company or organization, you may want to outsource your security protocols to a respected IT professional or company. The importance of your company’s cybersecurity cannot be overstated.
There are great authentication tools for you and your IT professionals to use to keep you safe. These include: DMARC, DKIM, and SPF.
DMARC, DKIM, and SPF are email authentication technologies in the cyber world.
The basic specifics of these technologies
DMARC – Stands for Domain-based Message Authentication, Reporting & Conformance.
The DMARC organization explains,
“DMARC is an email authentication, policy, and reporting protocol. It builds on the widely used SPF and DKIM protocols by adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.”
DMARC can protect all of your domains from being targets of spoofing and phishing. It creates records of those that are authorized to send emails from your domain. DMARC is used by Gmail. You may see an email rejected per DMARC policy.
SPF – Stands for Sender Policy Framework.
SPF is an email authentication system that was created to prevent other spoofers from sending emails from your domains.
When an email is received, an email provider will verify the SPF through DNS records. An email is flagged as spam if it does not come from an IP address on your list. This will force it to fail an SPF authentication check. It will send the message “spf authentication has failed”.
DKIM – Stands for DomainKeys Identified Mail.
DKIM is another email protocol that lets an organization feel safe when transmitting an email message. It allows the sender to sign the message in a way that receiving providers can verify. It uses cryptographic authentication to verify records.
Most IT professionals would recommend using these cyber security systems in a combination for complete coverage in your security. Together, they can fully protect all of your email domains from any attacks of spoofing or fraud.
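How a receiving mail server combines the three checks, as an added example that is not from the original article or from Proper Sky. The DNS records are constructed samples for the placeholder domain example.com, the function names are hypothetical, SPF evaluation is limited to the ip4/ip6/all mechanisms, DKIM is taken as an already-verified result, and the organizational domain is approximated as the last two labels.

```python
import ipaddress

# Constructed sample TXT records for the placeholder domain example.com.
SPF_RECORD = "v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.17 -all"
DMARC_RECORD = "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_check(record, sender_ip):
    """Simplified SPF: only ip4/ip6/all are evaluated (no include, a, mx)."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mech = term.lstrip("+-~?").lower()
        if mech == "all":
            return QUALIFIERS[qualifier]
        if mech.startswith(("ip4:", "ip6:")):
            net = ipaddress.ip_network(mech[4:], strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
    return "neutral"

def parse_dmarc(record):
    """Split 'tag=value; tag=value' into a dict; empty if not a DMARC record."""
    parts = (p.partition("=") for p in record.split(";"))
    tags = {k.strip().lower(): v.strip() for k, _, v in parts if k.strip()}
    return tags if tags.get("v") == "DMARC1" else {}

def org_domain(domain):
    # Assumption: last two labels; real receivers use the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain, auth_domain):
    """Relaxed alignment between the From: domain and an authenticated domain."""
    return bool(auth_domain) and org_domain(from_domain) == org_domain(auth_domain)

def dmarc_disposition(from_domain, spf_result, spf_domain,
                      dkim_pass, dkim_domain, dmarc_record):
    """Return 'pass', or the published policy (none/quarantine/reject)."""
    policy = parse_dmarc(dmarc_record)
    if not policy:
        return "none"
    spf_ok = spf_result == "pass" and aligned(from_domain, spf_domain)
    dkim_ok = dkim_pass and aligned(from_domain, dkim_domain)
    return "pass" if (spf_ok or dkim_ok) else policy.get("p", "none")
```

A message whose SPF check passes for an unrelated envelope domain while its From: header shows example.com still receives the published `reject` policy, which is the linkage to the author domain that the DMARC quote above describes.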
You may be wondering, how does the Cyber Incident Reporting for Critical Infrastructure Act affect me?
In general, you should be happy to see that your government is taking steps to improve our overall cyber security. They are taking a solid role in improving our cyber safety.
With this Act, our financial companies, energy companies, and more will be required to report all cyber incidents. These infrastructures greatly impact all of us, and will be more protected by the Department of Homeland Security’s CISA.
They impact our safety in our communities, our work, our home, our finances, our personal privacy, and more.
We all need cyber security to be of the utmost importance.
By adding extra security reporting protocols for stricter reporting of data breaches, etc., our government is ensuring that our public health and safety are greatly improved.
All companies, including those in our critical infrastructure communities, should take steps to increase their awareness of cybersecurity management and policy security measures.
Utilizing DMARC, SPF, and DKIM can give you and your company security from incoming attacks. Having a solid plan in place for how you choose to respond to any attacks is very important.
Reach out to your trusted IT professionals to help you and your company to implement a safety protocol today. As always, Proper Sky is here to help!