Inside Cybersecurity

March 29, 2023

Daily News

CrowdStrike urges CISA to develop guidance for determining ‘reasonable belief’ in incident reporting regulation

By Sara Friedman / December 5, 2022

CrowdStrike is proposing the creation of guidance to help critical infrastructure owners understand what should be considered “reasonable belief” to start the 72-hour reporting clock under CISA’s upcoming incident reporting regulation.

“Not all cyber incidents have the same level of severity and rise to the level of ‘substantial’ to be reported,” CrowdStrike argues in recent comments to CISA on the upcoming proposed rule.

The threat intelligence and incident response company uses an incident where an actor gains access but...

Log in to access this content.

Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.