ARA Signed Coalition Letter to Congress on Cyber Security
Oct 04 2021
ARA signed a coalition letter to members of the Senate Committees on Intelligence, Homeland Security and Governmental Affairs as well as the House Committee on Homeland Security with provisions for legislation that would create a compulsory cyber incident notification program and ultimately impose serious obligation on the business community.
ARA and the undersigned organizations offered this list of important provisions for a functioning mandatory incident reporting regimen:
- Establishing a prompt reporting timeline of not less than 72 hours;
- Attaching reporting to confirmed cyber incidents;
- Confining reports to significant and relevant incidents;
- Including robust liability protections;
- Harmonizing federal reporting requirements;
- Ensuring compliance is supportive, not punitive;
- Restricting government use of reported data;
- Protecting the rulemaking process to guarantee substantial input from industry;
- Limiting reporting to a victim entity or its designee; and
- Treating reporting as a means to bidirectional sharing and collaboration.
Read the coalition letter to learn more about how ARA and the coalition organizations seek to work with lawmakers on cyber incident reporting legislation that strengthens our national security and the resilience of U.S. industry.