CISA proposal on incident reporting enters new stage following feedback from stakeholders

The feedback review process for CISA’s upcoming cyber incident reporting regime starts today with the conclusion of a public comment period, where stakeholders weighed in on scoping and the submission process under the new regulation.

CISA embarked on a two-month journey in September through a request for information and subsequent public listening sessions across the country. The March incident reporting law gives CISA 24 months to craft a notice of proposed rulemaking, followed by a final rule 18 months...