Inside Cybersecurity

December 4, 2022

Daily News

Stakeholders consider how to address ‘materiality’ threshold under CISA incident reporting regulation

By Sara Friedman / November 4, 2022

Stakeholders at a recent event emphasized how CISA’s upcoming incident reporting regulation should address “materiality” differently than a controversial Securities and Exchange Commission proposed rule, because of the way the cyber agency plans to use the information.

“I don’t think materiality is the right threshold for CISA,” former Federal CISO Grant Schneider said. At the SEC, the focus is on a “potential investor” and what they would want to understand about the nature of an attack through a public disclosure,...


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.