In this episode, Brian Hengesbaugh, Global Chair of Data Privacy and Security, is joined by Stephen Reynolds, partner in Chicago, as they discuss the Strengthening American Cybersecurity Act, a law recently signed by President Biden, which requires key businesses to report certain ransomware incidents to the Cybersecurity and Infrastructure Security Agency (CISA). Listen in to hear about:

  • An overview of the new law, including key elements such as mandatory reporting requirements, timelines and which “critical infrastructure” sectors are affected by the legislation
  • How the scope and ambiguity of the new law impacts organizations and complicates the response process effort
  • What to expect in terms of engaging with CISA and how to preserve privilege applying to such communications
  • How to manage and coordinate the new reporting mandates with existing incident reporting obligations
  • Suggested action items to help companies address top-of-mind concerns and challenges they encounter as ransomware continues to be a prevalent threat

Want to Learn More?
Stay tuned for more podcasts and subscribe to the Connect On Tech Blog at

Subscribe on your player of choice: Apple | Android | Spotify