March 25, 2023
Software group urges CISA to craft ‘specific’ incident reporting requirements for consistency, resource considerations
BSA-The Software Alliance is concerned about the level of detail CISA will want in mandatory incident reports and argues for “minimal, but specific reporting requirements” to create consistency across sectors.
“CISA should be cautious about what information it requires a covered entity to report. CISA’s requirements will directly affect how covered entities use their limited resources while also responding to the cyber incident,” BSA says in comments submitted Monday to CISA on the upcoming incident reporting regulation.