The head of the U.S. cybersecurity enforcement agency “is a huge supporter” of bipartisan legislation to mandate that operators of critical infrastructure report data breaches to the government.
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said she backs draft legislation from the Senate Homeland Security and Governmental Affairs Committee to require certain private companies, federal agencies and government contractors to report cyberattacks to the agency.
The proposed legislation is partly in response to a surge of major cyberattacks that targeted government agencies and critical industries, including Colonial Pipeline Co. and meat producer JBS SA. The hacks increased pressure on the Biden administration to bolster U.S. cyber defenses and fueled calls for federal legislation to require companies to share incidents with the federal government to assist in response and recovery.