Airline group calls on CISA to streamline incident reporting requirements as work continues to establish mandatory regime

The Cybersecurity and Infrastructure Security Agency’s upcoming mandatory incident reporting regulation for critical infrastructure should take into consideration a need to unify the aviation sector’s 10 reporting requirements into a single mandate, according to Airlines for America.

CISA in April outlined its approach in a notice of proposed rulemaking to establish new requirements for incident reporting as directed under the 2022 Cyber Incident Reporting for Critical Infrastructure Act. CISA is in the process of adjudicating comments on the NPRM,...