Inside Cybersecurity

April 12, 2024

Daily News

Lawmakers urge CISA to issue proposed rule for incident reporting following statutory deadline for release

By Sara Friedman / March 20, 2024

The Cybersecurity and Infrastructure Security Agency’s upcoming proposed rule to mandate an incident reporting regime for critical infrastructure is still in the interagency review process, as the 24-month clock to craft the rule mandated by law expires and lawmakers raise concerns.

The 2022 Cyber Incident Reporting for Critical Infrastructure Act gave CISA 24 months to publish a notice of proposed rulemaking that would establish new regulations. The clock expired on March 15.

“The Cyber Incident Reporting for Critical Infrastructure...

Log in to access this content.

Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.