Inside Cybersecurity

October 3, 2022

Daily News

CISA incident reporting RFI asks for feedback on key definitions, reporting procedures to shape upcoming regulation

By Sara Friedman / September 12, 2022

Scoping key terms including “covered entity” and “substantial cyber incident” for CISA’s incident reporting regulation are among the important topics in a new CISA request for information published today, along with questions on reporting procedures and liability considerations.

The Cybersecurity and Infrastructure Security Agency is gathering public feedback to inform implementation of the Cyber Incident Reporting for Critical Infrastructure Act, known as “CIRCIA.” The law directs CISA to set up a mandatory regime where critical infrastructure entities will have 72...


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.