Biden Signs NDAA Relying on Voluntary Private-Sector Cybersecurity Collaboration – By Mariam Baksh (Nextgov) / December 28, 2021
Major breaches over the past year were a double-edged sword in efforts to pass a crucial mandatory reporting measure that didn’t make it into the ‘must-pass’ legislation despite bipartisan support, according to key lawmakers.
President Joe Biden on Monday signed into law the National Defense Authorization Act of 2022 which codifies an approach to cybersecurity that depends on the decisions of private-sector entities to protect the bulk of the nation’s critical infrastructure.
The NDAA has become the go-to legislative vehicle for efforts to manage the federal government at large, and to regulate the private sector on cybersecurity issues.
On the government side, the law requires the Cybersecurity and Infrastructure Security Agency to biennially update an incident response plan and to consult with sector-specific agencies and the private sector in establishing an exercise program to assess its effectiveness.
