Our 2022 Data Security Incident Response Report discussed the increased regulatory scrutiny of cybersecurity incidents and defenses following a year of high-profile and damaging cyberattacks, including the Russia-based SolarWinds espionage campaign and the Colonial Pipeline ransomware attack. This article summarizes several U.S. government actions aiming to improve the nation’s cybersecurity and the government’s ability to track and respond to cyber incidents. Organizations subject to these actions will need to evaluate how such actions may apply to them and take necessary measures to comply. Organizations should also note that these actions are just examples of a larger whole-of-government effort to bolster the nation’s cybersecurity and address cyberattacks—organizations should expect and watch for additional cyber regulations that may impact their operations.
The Biden Administration
At the forefront of this increased focus on cybersecurity is the Biden Administration’s goal to get the federal government’s cyber protections in order as it encourages private entities to do the same. In May