New federal cybersecurity rules will set timelines for critical infrastructure sector organizations those in chemical, manufacturing, healthcare, defense contracting, energy, financial, nuclear, or transportation to report ransomware payments and cyberattacks to CISA. All parties have to comply for it to work and help protect assets.