Inside Cybersecurity

April 12, 2024

Daily News

CISA rulemaking reveals proposed plans for key definitions in upcoming incident reporting regime

By Sara Friedman / March 28, 2024

CISA’s notice of proposed rulemaking for mandatory cyber incident reporting goes into depth on proposed definitions, impacts that would trigger reporting and the applicability of who could be considered a covered entity.

The NPRM is based on parameters established by Congress in the 2022 Cyber Incident Reporting for Critical Infrastructure Act to develop the regulation and tailors the definitions and reporting requirements in the law to meet CISA’s needs for reports that will enable effective two-way information sharing, intelligence...


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.