Legislation to Require 24 Hour Notice of RansomWare

What’s happening? S2666 (1117th Congress) would require businesses with more than 50 employees to notify Cybersecurity and Infrastructure Security Agency that a ransom had been paid within 24 hours. A business’ failure to comply could hinder federal contracts.

Why is this important? Its a blue print for state legislation

How will this be important? This and similar legislation will continue to play out on the state level. We’ve seen Oklahoma make ransomeware “illegal”

Balch & Bingham | Senate Introduces Legislation Requiring 24-hour Ransomware Notification