As the situation in Ukraine evolves, businesses should be mindful of potential risks to their people, assets, operations, or supply chains in the region and globally. Marsh, as part of the Marsh McLennan family of companies, has created a page with information, tools, and resources related to the Russia-Ukraine conflict. Please visit the page for the latest information.

About

Marsh McLennan Agency (MMA) provides business insurance, employee health & benefits, retirement, and private client insurance solutions to businesses and individuals.
Services

Empowering your company to succeed with an unparalleled range of resources
Industries

Our promise is to connect you with our team of professionals who have specific expertise in your industry and deliver customized solutions that fit your unique needs.
Insights
Locations
Events
Careers

Just as we deliver solutions to help our clients succeed, we continually listen and evolve to create a dynamic and supportive team environment to ensure our colleagues meet their fullest potential.

United States(English)
Canada(English)
Canada (Français)

May 23, 2022

Cybersecurity focus on agribusiness

On March 15, President Biden signed the 2022 Cyber Incident Reporting for Critical Infrastructure Act S.3600 into law. This law is widely supported by government and industry stakeholders as cyber incident frequency and severity levels continue to bring focus on the potential systemic nature of future cyber incidents.

What this means for food and agriculture going forward

Accounting for roughly one-fifth of the nation’s economic activity, food and agriculture falls underneath one of the 16 critical infrastructure sectors identified by the Cybersecurity and Infrastructure Security Agency (CISA).

The bill requires critical infrastructure owners and operators to report:

Cyber incidents within 72 hours of knowing the incident has occurred
Any ransomware payments within 24 hours of being made to the CISA

The bill also includes several ransomware-specific provisions as well as appropriate liability, privacy, and use protections. CISA has advised it will use the data to warn entities of threats, help victims recover, analyze trends, and enable a whole-of-nation defense and response strategy.

How you should prepare

You should review your current cyber incident reporting structures and requirements to optimize efficient reporting and information sharing with CISA.

It is also important to share this information with all colleagues that work on your organization’s cyber risk program.

Marsh McLennan Agency can help

MMA’s Cyber Risk Practice specialists are available at the ready to help you align your enterprise-wide cyber team’s perspectives on how to best approach complying with the new reporting requirements. Our specialists can help with knowledge and resources, including those offered by Marsh McLennan partner firms through our Cyber Resiliency Network, so that you can make informed decisions and rightsize your approach together.

If you or your fellow cyber colleagues would like to discuss any of the above information about this new legislation and how it may impact your cybersecurity program’s incident management planning, process, and platform, necessary cybersecurity service providers, or cyber insurance policy, please feel free to reach out to us directly.

Featured Insights

More Insights

Marsh McLennan is the leader in risk, strategy and people

Marsh McLennan Agency

About
Industries
Insights
Locations
Events
Careers
Contact Us

children any 1

Marsh
Guy Carpenter
Mercer
Oliver Wyman

children any 1

Privacy Notice
Terms of Use
Notice at Collection
Compensation Guide
Manage Cookies

Cybersecurity focus on agribusiness

Featured Insights

New SEC rules place deadline on disclosing material cyber events

Where you can find artificial intelligence (AI) in life sciences

Protecting your business from disruption