A critical flaw in the modern-day cybersecurity landscape is the lack of reporting requirements. It is very difficult to defend against attacks if those that are targeted attempt to cover it up to save reputation. The Cyber Incident Reporting for Critical Infrastructure Act of 2022, signed into law by President Biden on March 15, 2022, requires companies that are attacked to report significant cyber incidents within 72 hours of discovery. This law incentivizes companies to report by offering protections, allowing them to report without so many negative consequences. The law aims to enhance breach reporting capabilities and allows for more effective incident response, since authorities will be able to analyze attack patterns. The Cybersecurity and Infrastructure Security Agency (CISA) will organize, aggregate, and anonymize the information from reports into a body of actionable information for the private sector, including cyber research organizations.