As Colin R. Jennings  Ericka A. Johnson and Genevieve L. Bresnahan discuss at in an article at Law360, “[i]n light of recent, high-profile ransomware attacks against critical U.S. infrastructure, lawmakers have been grappling with the most appropriate course of action to combat ransomware attacks.”  However, on July 21, Sen. Mark Warner, D-Va., Chair of the Senate Intelligence Committee, along with Vice Chair, Sen. Marco Rubio, R-Fla., and Sen. Susan Collins, R-Maine, introduced the Cyber Incident Notification Act.  This bipartisan legislation “would require, at a minimum, federal agencies and contractors, and owners and operators of critical infrastructure to report potential cybersecurity intrusions to the U.S. Department of Homeland Security‘s Cybersecurity and Infrastructure Security Agency no later than 24 hours after the confirmation of such an intrusion. However, the act leaves many of the details on the implementation of this legislation up to regulators.”

You can check out their full analysis at Law360 here.