By Max Kelly
The Act requires companies in the 16 sectors that comprise our country’s critical infrastructure (including energy, hospitals, banks, and transportation) to report any and all cybersecurity breaches within 72 hours and any ransomware payment within 24 hours. Reporting mandates have been debated for more than a decade, but the trifecta




