In February 2022, critical websites in the Ukrainian government and private sector were the target of a digital denial of service cybersecurity attack. Launched just prior to the Russian land offensive, the attacks drove home a key message: Digital assets continue to be a critical front in geopolitical warfare. Incidents like the one in Ukraine, coupled with a global rise of ransomware attacks – 66% of 5,600 organizations in one survey were hit in 20212 – have led the U.S. government to redouble its efforts to bolster national cybersecurity.
The Strengthening American Cybersecurity Act (SACA) is a step in that direction. Signed into law in March 2022, it legally mandates operators of critical infrastructure (everything from dams to transportation systems and critical manufacturing) to notify the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours of any data breach.