Inside Cybersecurity

April 12, 2024

Daily News

CISA issues notice of proposed rulemaking outlining covered cyber incidents, policies for reporting

By Sara Friedman / March 27, 2024

The Cybersecurity and Infrastructure Security Agency has issued a highly anticipated notice of proposed rulemaking establishing parameters for its upcoming mandatory incident reporting regime, including proposed definitions for covered cyber incident, reporting timelines and enforcement policies.

“The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), as amended, requires the Cybersecurity and Infrastructure Security Agency (CISA) to promulgate regulations implementing the statute’s covered cyber incident and ransom payment reporting requirements for covered entities. CISA seeks comment on the proposed...


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.