Federal officials are beginning work with the private sector to prepare for the historic provision passed last week that requires critical infrastructure providers to notify the Cybersecurity and Infrastructure Security Agency of malicious cyber intrusions.

Critical providers including utilities, banks, energy providers and other sectors will have to alert CISA within 72 hours of a major cyberattack or 24 hours of a ransom payment under new federal regulations. The requirements are part of a long-sought partnership that shields companies from liability and allows for rapid intelligence sharing…

The law closes some visibility gaps for both investigators and responders, Sheldon said, which can help strengthen the overall security posture of critical infrastructure providers.

However, providers still need to push to incorporate best practices for the purpose of proactive defense, including the use of endpoint detection and response, zero trust and sound log protection practices.