Three key jurisdictions have successfully launched new legal frameworks targeted at identifying critical infrastructure, imposing security requirements on same, and requiring regulatory reporting where those security requirements are breached (collectively, the “CI Cyber Breach Legislation”): Canada: the Critical Cyber Systems Protection Act (“CCSPA”); EU: Network Infrastructure Security Directive 2.0 (“NIS2 Directive”); and U.S.A.: Cyber Incident […]