In this episode, Brian Hengesbaugh, Global Chair of Data Privacy and Security, is joined by Stephen Reynolds, partner in Chicago, as they discuss the Strengthening American Cybersecurity Act, a law recently signed by President Biden, which requires key businesses to report certain ransomware incidents to the Cybersecurity and Infrastructure Security Agency (CISA). Listen in to hear about: • An overview of the new law, including key elements such as mandatory reporting requirements, timelines and which "critical infrastructure" sectors are affected by the legislation • How the scope and ambiguity of the new law impacts organizations and complicates the response process effort • What to expect in terms of engaging with CISA and how to preserve privilege applying to such communications • How to manage and coordinate the new reporting mandates with existing incident reporting obligations • Suggested action items to help companies address top-of-mind concerns and challenges they encounter as ransomware continues to be a prevalent threat