Daily News

U.S. Chamber encourages CISA to seek ‘qualitative’ information in incident reports under upcoming mandatory regime

By Sara Friedman / November 30, 2022

Mandatory incident reports to CISA should be focused on “qualitative’ information, according to the U.S. Chamber of Commerce, which offers a proposal for information requirements based on legislative intent in the CIRICA law.

The Cyber Incident Reporting for Critical Infrastructure Act directs CISA to establish a mandatory regime where incidents must be reported within 72 hours and 24 hours for ransomware payments. CISA released a request for information in September to gather feedback from stakeholders on implementation.

“For the...

form.antibot { display: none !important; } You must have JavaScript enabled to use this form.

U.S. Chamber encourages CISA to seek ‘qualitative’ information in incident reports under upcoming mandatory regime

Log in to access this content.

Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.