Why New Incident Reporting Mandates Are 'Groundbreaking'

Former NSA Deputy Commander Tim Kosiba on Top Healthcare Sector Cyber Concerns
New legislation mandating cyber incident reporting for critical infrastructure providers within 72 hours, and the reporting of ransom payments within 24 hours, is "groundbreaking," with potentially significant implications, says former National Security Agency Deputy Commander Tim Kosiba, now CEO of security firm bracket f.
"Our government is emphasizing the need to report such instances to organizations like the Cybersecurity and Infrastructure Security Agency, the FBI, etc. to assist and ensure that the problem doesn't get worse," he says. "So, if you're actually hit by a ransomware attack … now it will ultimately be law that you report that attack," he says in an interview with Information Security Media Group.
Nonetheless, meeting these mandates will be challenging for critical infrastructure operators, he says. "The owners need to take seriously the threat that exists today and prepare their organizations by taking necessary steps to mitigate the possibilities of an attack."
In the interview, Kosiba also discusses:
- Cyber challenges faced by small and midsized hospitals and healthcare entities;
- Cyberthreats involving the Russia-Ukraine war, including ransomware attacks by Russian cybercriminal groups such as Conti;
- An alliance with the American Hospital Association to provide member hospitals with incident response and other security services.
Kosiba is CEO of bracket f, a wholly owned subsidiary of cloud security firm Redacted. He is a former senior government official whose career spans three decades in the Department of Defense, the FBI and the U.S. Department of the Navy. Kosiba most recently served as a deputy commander within the NSA, where he was responsible for implementation of the NSA's cybersecurity policy. Prior to that role, he served as the chief of computer network operations at the NSA.