Cybersecurity legislation is vital to address the growing number of cyberattacks that threaten the economic and national security of the United States. Consequently, 2022 was a significant year for cybersecurity legislation, with six major pieces of legislation signed into law. These laws focused on cyber incidents and ransomware attacks, reporting requirements, assigning cybersecurity responsibilities to CISA, the cybersecurity workforce, and state and local government cybersecurity programs. This paper addresses these significant pieces of legislation passed in 2022 at the federal level and cybersecurity legislation trends at the state level. The federal legislation discussed in this paper includes The Strengthening American Cybersecurity Act, the Cyber Incident Reporting for Critical Infrastructure Act of 2022, the Better Crimes Metric Act, the National Cybersecurity Preparedness Consortium Act, the Federal Rotational Cyber Workforce Program Act, and the State and Local Government Cybersecurity Act.

Author: Shaila Rana, PhD | Contributing Researcher, ICIT

Read the Full Report